진 리(Jean H. Lee) 윌슨 센터(Wilson Center) 공공정책 선임연구원은 북한의 사이버 공격과 한미 대응방안에 대해 논의한 이번 인터뷰에서 김정은 총비서가 통치 초기부터 ‘사이버 전사’라고 불리는 북한의 전문 해커부대를 양성했다고 설명합니다. 이들은 미사일 및 대량살상무기 프로그램에 대한 미국과 유엔의 강력한 제재에도 불구하고, 사이버 범죄를 통해 성공적으로 가상화폐를 탈취하며 국제 경제제재를 우회하고 있다고 강조합니다. 아울러, 한국이 북한의 사이버 공격에 대응한 경험이 풍부하고 암호 화폐 기술의 최전선에 있다는 점에 주목하여, 한국 정부가 사이버안보 영역에서 한미동맹 역량 강화에 힘쓰고 가상화폐에 대한 규제정책을 마련해 나가야 한다고 제언합니다.

 

---

 

 

I. The Background Behind North Korea’s Cybersecurity Attacks

 

• As part of her research, Ms. Jean Lee looks into “how North Korea produces hackers when most of the people are disconnected from the internet.”

 

• Ms. Lee states that “Kim Jong-un has managed to add to his formidable weapons program,” notwithstanding “very little export and import for a country that relies on the outside world for fuel, food, and other basic necessities.”

 

• During her reporting trips to North Korea from 2008 to 2017, which she refers to as the “succession period” from the Kim Jong-il to Kim Jong-un regime, Ms. Lee notes that “the propaganda campaigns were centered on science and technology.” Under this campaign, Kim Jong-un “invested in an elite group of students to become computer-savvy” and “has overseen the cultivation of a core group of what we call “cyber warriors.”

 

• She claims that this was a way for Pyongyang to engage in illicit money-making; that is, to “find a new, modern way to get around the sanctions and make money.”

 

II. The Scale of North Korea’s Cybersecurity Attacks

 

• Ms. Lee states that “North Korea’s investment in cyber, as a form of money-making, is something that has been very successful for them in circumventing sanctions.” She evaluates that “North Koreans are constantly one step ahead.”

 

• Ms. Lee emphasizes that Pyongyang’s cyber-attacks largely remained under the surface because “we underestimate them.” Nonetheless, according to a confidential United Nations report in 2019, North Korea has managed to “steal more than two billion dollars in cyber theft” over 35 instances across 17 countries. This “doesn’t include the reported theft of more than 600 million dollars in cryptocurrency from a popular video game.”

 

• Pyongyang’s attacks have “reached a level of awareness among the South Korean public as well,” following the arrest of two South Koreans suspected of “spying for North Korea,” “paid with the digital currency of Bitcoin.”

 

• Although North Korean hackers seem distant from our everyday lives, they in fact, “target us in our everyday lives, every single day.” To illustrate, “our lives are so much online, especially in South Korea.” North Korean hackers can easily take advantage of how South Koreans can be “held hostage” in the online space.

 

• Not to mention, “the number of cyber-attacks from suspected North Korean hackers is over a million a day” in South Korea.

 

III. The Implications of North Korea’s Cybersecurity Attacks on the Sanctions Regime

 

• Ms. Lee underscores the importance of incorporating cyber in Washington’s policy circles, provided that it is an integral part of policy research “when it comes to sanctions.” As “sanctions and borders don’t matter in the world of cyberspace,” “North Korea is relying more heavily on cyber theft.”

 

• While she notes that “cyber is notoriously difficult to trace and very difficult to attribute,” “the North Koreans are leaving some tell-tale signs.” She claims that they are a “bit clumsy” because “they haven’t grown up in the internet the way we have.” Likewise, “there are slight variations in the spelling and vocabulary and some of those come up in the malicious codes that the North Koreans are using.”

 

• She suggests that sanctions regimes should “target those overseas networks;” that is, “young men were dispatched on legitimate visas to carry out IT work,” which the FBI believes to be “hacking.” Clamping down on overseas networks would “stem the flow of currency back to North Korea but also really make it very difficult for the North Koreans to operate overseas.”

 

• Ms. Lee posits that North Korea faces the challenge of “turning digital currency into fiat currency,” now that they’ve been investing in cryptocurrency.

 

IV. Prospects for ROK-U.S. Cooperation on Technology and Cyber

 

• While President Moon and Biden vowed on their summit last year “to create a working group on cyber,” “there hasn’t been much progress.”

 

• The recent summit between President Yoon and Biden was focused on “restoring alliances and reassuring allies in Asia.”

 

• As “South Korea has been a target of cyber-attacks from North Korea for such a long time,” Ms. Lee underscores that Seoul has “a depth of experience, and has a lot of experience to share.” It has been utilized by Pyongyang’s hackers as “a practice ground,” which is attested by the fact that “everything that we were seeing in South Korea, we’ve seen them try out elsewhere.”

 

• In this regard, Ms. Lee notes that “this is an area where South Korea can really take a lead,” especially provided that “South Korea is regarded by the rest of the world as being at the forefront of technology.”

 

V. Steps Forward for the Yoon Administration

 

• Ms. Lee assesses that North Korean hackers are taking advantage of the vulnerability that stems from “a lack of regulation both on the national level and internationally.” She advises that there should be “protection and information-sharing,” should the Yoon administration “embrace digital currency going forward.”

 

• If “South Korea is at the forefront in terms of embracing cryptocurrency,” Ms. Lee stresses that it should also be “on the forefront in enforcement and regulation.”

 

• She highlights the necessity of “marrying the understanding of technology with an understanding of the psychology, the policy.” Governments should “treat it like a policy issue rather than just a tech issue.”

 

• Ms. Lee adds that we cannot compete with the motivation Kim Jong-un has in training cyber warriors. That is to say, “they have more motivation and pressure than any of our cybersecurity experts could ever have.” To counter this, she proposes that “the South Korean government needs to invest in their cybersecurity experts and treat them like cyber warriors as well.” ■

 

※ Please cite accordingly when referencing this source.

 

VI. 약력

 

■ Jean H. Lee_ 우드로윌슨 센터(Wilson Center) 공공정책 선임연구원. 컬럼비아 대학 언론학 석사, 우드로윌슨센터 글로벌 펠로우. AP 통신 초대 평양지국장과 AP 통신 한반도 보도국장을 역임했다. 2012년 미국과 캐나다에서 AP 통신 미디어 편집자상과, 2013년 온라인 저널리즘 상을 수상하였으며, 2013년에는 퓰리처상 특집보도 부문 후보에 오르기도 했다. 뉴욕타임스 등에 기고하며 CNN, BBC, NPR 등에 한반도 관련 전문가로 출연한다.

 

---

 

■ 담당 및 편집: 이승연, EAI 연구원
    문의: 02 2277 1683 (ext. 205) | slee@eai.or.kr