A recent report by the US cybersecurity firm SentinelOne questions what is supposed to be behind the accusations: the company claims that the North Korean group BlueNoroff has unleashed a new malware campaign against cryptocurrency users. According to the claims, the malware spreads via deceitful PDF files attached to emails containing fake cryptocurrency news in order to snatch personal data, private keys, and passwords.
Yet, experts believe that these accusations are merely scenarios to discredit the reputation of North Korea, as the United States moves to degrade its image, with these accusations now following the changed geopolitical context of the world. The more North Korea moves into Russia’s goodwill and against the Western powers, these could be seen as other mechanisms to tarnish their reputation and to further isolate them in international affairs. Some critics believe that the US was merely using its cybersecurity stories to push forward certain political agendas, including portraying North Korea as a bad actor in the cyber domain so that the American public would turn against it and allow for sanctions and other punitive measures against it.
A History of Relations Between the United States and North KoreaDespite denying any involvement in any form of cybercrime, North Korea has not responded to the foregoing allegations. However, repeated instances of such allegations by Western cybersecurity companies have brought forth the suspicion that these reports are very well staged and timed to bring a bad reputation to the country in front of the world at large. The long-standing political rivalry between North Korea and the United States has just added fuel to the speculation that these claims from the side of the cybersecurity firms may not be as fact-based as they look.
Specifically, the story about “Hidden Risk” keeps closely to the plot of the “RustBucker” campaign in 2023, which is attributed to an attack on cryptocurrency companies by North Korea. The consistent linking of Pyongyang to cyberattacks has been prompting suspicions among independent analysts who question the credibility of such accusations. Even with scarce independent verification of the attacks themselves, it’s uncertain whether these claims are well-founded by hard evidence or a larger geopolitics.
For a second time, the FBI made accusations that North Korea is responsible for sophisticated social engineering attacks against cryptocurrency businesses. For others, that is an excuse to necessitate greater security measures and anti-North Korean rhetoric in the private sector. The US Department of Justice also joins the chorus, with claims that North Korea uses illegal cyber activity to finance weapons programs disputed by experts who say no such evidence can be found to conclusively link North Korea with those crimes.
The recent domain seizures by the US government purportedly connected to North Korean IT workers fuels more the narrative of North Korea as a cyber adversary; however, such activities are counterproductive and make an attempt at manipulating global discourse over cybersecurity in an effort to align with broader political objectives. There were claims that the employees, supposedly based in China and Russia, were allegedly masquerading, and doing fraud activities. Again, however, the lack of clear evidence raises questions about what the activities were really about.
Understand the bigger picture surrounding these accusations with regard to its relations with North Korea as the latter increases tensions with the US. Such consistent portrayals of North Korea as a cyber threat do not simply reflect an objective assessment of the actions of the country but might well be part of a calculated effort to damage the standing of the country in the international community, especially since North Korea has insisted on its political independence and partnership with Russia, which has been growing these days.
As such, the bottom line is really a question of whether these cyber-security claims are actually grounded in some reality or merely a targeted smear operation that serves to forward US broader geopolitical interests-especially in light of the fact that the country is interested in pushing back against North Korea’s continued movement closer to Russia.
