INTERVIEW: U.S. cyber crime czar discusses readiness to stop North Korean threats

‘We can use every element of national power’ to counter illicit cyber activity.
By Jaewoo Park and Hyung Jun You for RFA Korean
Share on WhatsApp
Share on WhatsApp
INTERVIEW: U.S. cyber crime czar discusses readiness to stop North Korean threats “The United States and its allies in Asia, including South Korea and Japan, take the North Korean cyber threat very seriously,” says Nathaniel C. Fick, the U.S. Ambassador at Large for Cyberspace and Digital Policy.

Nathaniel C. Fick is the U.S. Ambassador at Large for Cyberspace and Digital Policy.

As the first person to ever hold that office, Fick leads the State Department’s newly created Bureau of Cyberspace and Digital Policy, which addresses national security challenges, economic opportunities, and implications for U.S. values associated with cyberspace, digital technologies, and digital policy.

Chief among the bureau’s responsibilities is ensuring the digital security of the U.S. and its allies, including against cyberattacks sponsored by foreign governments.

Increasingly frequent cyberattacks from North Korea have targeted the U.S.,South Korea, and other allied countries in recent years. The South Korean National Intelligence Service estimates that Pyongyang has stolen around U.S.$1.72 billion in cryptocurrencies worldwide since 2017.

Fick recently spoke with RFA Korean about the threat that North Korea poses, and strategies that the Bureau has to deal with it. The interview has been edited for length and clarity. 

Fick: The North Korean government uses malicious cyber activity to steal military secrets and intellectual property, which further isolates North Korea and the North Korean people, and the North Korean government uses malicious cyber activity to target human rights activists, dissidents and defectors around the world. 

So we are very interested in containing and deterring North Korean malicious cyber activity. The State Department has a Rewards for Justice program that offers up to $10 million in rewards for information that leads to the dismantling of some of these North Korean cyber organizations targeting critical infrastructure and financial services around the world. 

The North Korean people have a wealth of IT skills. And the North Korean regime has sent many North Korean IT workers around where they are posing in order to work in Western technology companies [to engage in] malicious cyber activity. We would far prefer for the skilled and talented people of North Korea to use those skills for the benefit of their own society.

 RFA:  How serious is the North Korean cyber threat to the United States and its allies like South Korea and Japan? Can we say that North Korea's threats have increased more over the past few years?

Fick: So the United States and its allies in Asia including South Korea and Japan, take the North Korean cyber threat very seriously for all of the reasons that I've described. Because of illicit financing, because of the theft of IP, because the North Korean government is developing new malware and is launching new attacks that are inherently global in their ability to threaten stability in cyberspace.  

Protesters burn portraits of North Korean leader Kim Jong-il [right] and his son Kim Jong-un during an anti-North Korea rally denouncing the North's cyber attacks in Seoul, South Korea, in 2009. Credit: Reuters

 RFA: How active do you expect North Korea to be this year in terms of cyberattacks and other threats? 

Fick: Well, Kim Jong Un has been explicit in talking about his desire to see an exponential increase in the size of his nuclear arsenal and that would require an increase in the ballistic missile forces including ICBMs. So I think we can anticipate an increase in malicious cyber activity in order to fund that military buildup. So our working assumption is that North Korea will remain a capable, destabilizing, and dangerously irresponsible cyber actor globally this year.

 RFA: What plans does the Bureau have to counteract any potential North Korean moves? 

Fick: So, the United States State Department, in concert with our other elements of the U.S. government, have a robust set of policies to maintain strategic stability in cyberspace to deter malicious activity and to respond to it when necessary. So I think it's essential to understand that this isn't only a cyber response to malicious cyber activity, we can use every element of national power to respond to and deter cyber activity. So that's diplomatic tools, economic tools, informational tools, and, if necessary, military. 

It's a whole government approach to do things like [identify] individuals who [have] conducted these kinds of activities, usually using sanctions tools, and and financial forensic tools in order to recover stolen funds and return them to the victims.

RFA: Are you aware of any new tactics North Korea is trying to use recently that the public don't know about?

Fick: Something that's interesting about cyber tools. And one of the reasons that regimes like North Korea use them is that they are relatively inexpensive. They are relatively hard in some cases to attribute and so we believe that they're constantly changing, right? They're innovative and dynamic. We're particularly concerned right now about North Korea's focus on decentralized financial exchanges, particularly cryptocurrency exchanges. And these are new financial instruments where regulation is still developing. And so, they're comparatively easy to penetrate and disruptive.

North Korea launches an intercontinental ballistic missile (ICBM) in this undated photo released Nov. 19, 2022 by North Korea's Korean Central News Agency (KCNA). Credit: KCNA via Reuters

RFA: There are reports that North Korean cyber hackers are living abroad, even in South Korea. They hide their identity and work with South Korean IT companies. So do you know how many North Korean hackers live abroad? Could they be in the U.S. as well?

Fick: So, before coming to the State Department, I ran a global technology business with smart young people working on our business, all of them. And so I have a real conviction and belief in the power of technology to help transform societies to bring economic opportunity to people. And I think that young people in North Korea are no different. I have no doubt that there are thousands  and thousands of talented, capable young IT professionals in North Korea. Many of them have left the country many of them have been sent out of the country to work undercover in western, South Korean and even American technology firms in order to use their skills to advance the agenda of the North Korean regime in order to  steal money, in order to steal secrets, and in order to empower the regime.  My request to them. My hope for them is that instead, they would use their skills to build things, to build tools, to build applications to build IT capability, to help their society and help their people rather than to undermine strategic stability.

RFA: North Korea fired more than 60 ballistic missiles last year and has carried out many other provocations. People are wondering where all the money to fund the missiles has come from since U.N. and U.S. sanctions still remain in place. North Korea has also been even more isolated after the COVID-19 pandemic. What role do you think illegal cyber activities play in North Korea to evade sanctions?

Fick: So North Korea is one of the most highly isolated countries in the world. And we have a deep and abiding belief that it is worthwhile to connect the North Korean people to the world.  The government, if it's going to do things like test missiles and increase the sizes of its offensive forces and its nuclear forces, needs money. And so illicit cyber activity is a key means for the DPRK regime to evade sanctions to steal money in order to fund its military buildup. We would far prefer to see the government spending those same resources on food, education, housing, and development for the benefit of the North Korean people.

RFA:  Is the Bureau prepared for the North Korean cyber threat, and prepared to prevent Pyongyang’s illegal cyber activity?

Fick: We're very focused on North Korea's illicit cyber activity and highly motivated to stop their theft of money, their theft of intellectual property in their evasion of sanctions in order to continue the military buildup on the peninsula instead of caring for the well being of their people.


Add your comment by filling out the form below in plain text. Comments are approved by a moderator and can be edited in accordance with RFAs Terms of Use. Comments will not appear in real time. RFA is not responsible for the content of the postings. Please, be respectful of others' point of view and stick to the facts.