Best Infosec-Related Long Reads of the Week, 11/19/22

How North Korea became one of the world's top cyber criminals, Royal Thai Police came to California to help hunt for Alpha Bay's mastermind, U.S. war on Chinese tech can have catastrophic consequences


Metacurity is pleased to offer our free and paid subscribers this weekly digest of long-form infosec pieces and related articles that we couldn’t properly fit into our daily crush of news. Tell us what you think, and feel free to share your favorite long-reads via Twitter @Metacurity. We’ll gladly credit you with a hat tip. Happy reading!

How North Korea became a mastermind of crypto cyber crime

The Financial Times’ Christian Davies and Scott Chipolina examine the rise of North Korea as a significant cyber crime player and how the $620 million hack of Axie Infinity earlier this year exposed how vulnerable the U.S. and allied countries appear to be to large-scale North Korean crypto theft.

Kim Jong Il is quoted in a book published by the North Korean army as having said that “if the internet is like a gun, cyber attacks are like atomic bombs.” But it was only under his son Kim Jong Un, who assumed power in 2011, that the country’s cyber capabilities started to garner international attention.

While less than 1 per cent of the North Korean population is estimated to have restricted and closely monitored access to the internet, potential members of the country’s army of approximately 7,000 hackers are identified while still at school. They are then trained and groomed at elite government institutions, with some also receiving training and additional experience in China and other foreign countries.

“They train people who show early indications of being strong in cyber and they send them to other places around the world and embed them into organisations, embed them into the society and culture,” says Erin Plante, vice-president of investigations at Chainalysis. “You have these hacking cells based all around the Asia-Pacific region merging in with the rest of the tech community.”

The Hunt for the Dark Web’s Biggest Kingpin, Part 4: Face to Face

In this excerpt of his new blockbuster book, Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency, Wired’s Andy Greenberg tells the story of Operation Bayonet, which brought a team of Royal Thai Police officers to Sacramento, California, as part of the hunt for Alexandre Cazes, the mastermind behind the dark web marketplace AlphaBay.

Between meetings, Sanchez took the Thai group on field trips: to a golfing range, to a shopping mall—where the officers descended ravenously on a Coach outlet—and on an outing to San Francisco in rented vans. The Thais, accustomed to the tropics, nearly froze on Fisherman’s Wharf; they were so jet-lagged and exhausted from their sightseeing frenzy that they slept through the drive over the Golden Gate Bridge in both directions. On another day, the FBI gave the Thais a tour of the explosives lab at the bureau’s Sacramento field office, showing off the agency’s bomb-defusing robots. Paul Hemesath, the prosecutor, later brought out his HTC Vive VR headset, and the two countries’ agents took turns walking a plank over a digital abyss and swinging virtual swords at zombies.

When they weren’t busy with tourism and team-building exercises, the agents were grappling with the practical details of raiding a dark-web kingpin. At one point, the case’s lead FBI agent presented the looming problem of Cazes’ laptop encryption. Sanchez and the Thais explained that based on their surveillance, Cazes almost never opened his machine outside his own home. The agents agreed: They’d have to catch him in his house, logged in to AlphaBay and yet somehow off guard so that he wouldn’t shut the laptop before his arrest.

Almost as important as the computer was Cazes’ iPhone. The FBI told the Thais they’d need to grab it unlocked, or it too would be irretrievably encrypted. That phone, after all, might hold keys to Cazes’ cryptocurrency wallets or other crucial data. The question of how to thread the needle of capturing these two devices and their information hung in the air, unanswered.

How the U.S.-Chinese Technology War Is Changing the World

Agathe Demarais, the global forecasting director at the Economist Intelligence Unit and the author of Backfire: How Sanctions Reshape the World Against U.S. Interests, offers this parable in Foreign Policy of how the lack of Chinese-made controlled-burning drones exacerbated the damage of wildfires in California, one catastrophic consequence of the U.S. war on Chinese technology.

In recent years, the U.S. government has also become increasingly worried that letting Chinese technological companies operate on U.S. soil or having U.S. government agencies use Chinese-made technology puts national security at risk. This was the reasoning behind the grounding of the controlled-burning drones on the West Coast. The issue is far from limited to drones, however. The argument goes that all of China’s high-tech companies have ties to the Chinese state and may be compelled to secretly gather data on their Western consumers.

On paper, these concerns appear valid. Although there are no public records of such an occurrence, China’s national security law may force Chinese companies that operate in the United States to collect information on American citizens or businesses and to send these data back to Beijing. Chinese firms have no choice but to cooperate with Beijing; according to China’s regulations, the companies have no right to appeal such requests. Many U.S. firms already take these issues seriously. Technological supplies to Google and Facebook, for instance, have to be China-proof.
