SIM Report: Northeast Asia, Issue 10


Ha Tae-keung, a conservative lawmaker in South Korea’s national assembly who was briefed by intelligence officials, on Friday (27 November) said that the National Intelligence Service (NIS) – the country’s intelligence agency – has thwarted attempts by North Korean threat actors to disrupt South Korean pharmaceutical firms’ efforts at developing a COVID-19 vaccine.

Ha’s claims are credible. They come after Microsoft’s allegations on Friday (13 November) that three hacker groups supported by the Pyongyang and Moscow had tried to breach the networks of seven major drugmakers and vaccine researchers in Canada, France, India, South Korea and the United States. Pyongyang is thought to have enlisted up to 6,000 hackers, most of them based in countries including China and Russia, according to Yonhap News Agency. Additionally, North Korea is experiencing a ‘very high’ level of humanitarian crisis severity – the highest of a seven-tier crisis assessment scale – due to food and water shortages and insufficient medical infrastructure, according to a recent annual report by the Geneva-based international NGO Assessment Capacities Project (ACAPS). North Korean leader Kim Jong-un has been resorting to increasingly erratic measures to prevent COVID-19 outbreaks, including a ban on fishing and salt production due to fears that seawater could transmit the pathogen, according to the NIS.

Instability risks in North Korea have intensified from the aggregate adverse impacts of the COVID-19 pandemic, recent flooding, and long-standing sanctions. Sanctions by the US and the United Nations have significantly incapacitated the country’s medical system, prompting Pyongyang to take increasingly drastic measures to prevent any large-scale outbreaks. Such outbreaks would likely rapidly overwhelm the country. Draconian controls at the country’s porous Chinese border aimed to stave off COVID-19 have led to trade with its ally China to plunge by 99 per cent from September to October.

However, far from scaling back sanctions, the US has recently sanctioned Chinese and Vietnamese shippers for transporting coal to North Korea, as well as created a website for individuals to give tips to the US government regarding potential sanctions breaches in exchange for up to USD5 million. Heightened instability in North Korea raises the risk of cyberattacks by North Korean state-backed threat actors, especially on pharmaceutical companies involved with COVID-19 research. Increased cyberattacks are also likely during the US’ transition period ahead of the likely return of Washington’s policy of strategic patience towards North Korea, as under the Obama administration. The carrot-and-stick approach, combined with likely multilateralism under president-elect Biden, differs greatly from Trump’s comparatively unilateral approach towards Pyongyang marked by a cordial relationship with Kim.

North Korean threat actors are likely to ramp up ransomware attacks, including so-called ‘double extortion’ attacks, in line with current cybercrime trends. In such attacks, hackers threaten to publicise exfiltrated sensitive information if that ransom is not paid. Besides pharmaceutical firms, likely targets also include financial institutions, including cryptocurrency exchanges in particular. Proceeds will likely go towards the country’s weapons programmes, as well as serve to mitigate direct threats to Kim’s leadership amid the COVID-19 crisis.


CHINA & INDIA: Bilateral tensions set to continue despite rice imports