The government of North Korea is allegedly operating a dedicated facility for cybercrime with a focus on artificial intelligence.
The North Korea-focused outlet Daily NK reported that the reclusive state opened a new facility dubbed "Research Center 227." The facility is said to be operating 24 hours a day and coordinating with the government’s Reconnaissance Generation Bureau (RGB).
“In late February, the Supreme Commander issued an order to the RGB under the General Staff Department to enhance overseas information warfare capabilities,” Daily NK said, quoting an anonymous source within the country.
“This order included instructions to establish Research Center 227 for hacking technology research.”
In addition to coordinating global hacking efforts, it is believed that Research Center 227 is focused on the advancement of AI for use in cyberattacks, as well as fraud operations and intelligence gathering.
It is reported that in order to advance the new facility at least 90 cybersecurity professionals have been assigned to the unit, which is located in Pyongyang.
“Within the RGB, there’s a widespread belief that the new center was created to enhance foreign intelligence collection,” the site reported.
“However, the source indicated that the center will focus less on information gathering and more on developing offensive hacking technologies and programs.”
Cybercrime has become big business for the North Korean government as a means of circumventing the bevy of international sanctions that prevent it from doing business with much of the global community.
By stealing and laundering funds from organizations in other countries, the North Korean government is able to secure a vital cash flow that would otherwise be unavailable through legal means.
In addition to seeking income, the North Korean regime also uses its hacking operations as a means of gathering intelligence and intellectual property.
The has included the formation of highly dedicated hacking operations that are focused on specific campaigns and goals. Additionally, North Korean authorities were found to be behind a campaign to embed agents within Western organizations as outsourced IT workers.
The hacking effort has also included multiple tactics and techniques, recently it was found that some North Korean groups have begun shifting their methods to include new tactics such as remote desktop protocol (RDP) and supply chain infiltration.
