They take legitimate jobs as software programmers in the neighbors of their home country, North Korea. When the instructions from Pyongyang come for a hacking assault, they are believed to split into groups, moving around to avoid detection.
Since the 1980s, the reclusive North has been known to train cadres of digital soldiers to engage in electronic warfare and profiteering exploits against its perceived enemies.
Now, this force of North Korean hacker sleeper cells is under scrutiny in connection with the ransomware assaults that have roiled much of the world over the past four days. Signs have emerged that suggest North Koreans not only carried out the attacks, but that the targeted victims included China, North Korea’s benefactor and enabler.
While there is still nothing definitive to link the attacks to North Korea, similarities exist between the ransomware used to extort computer users into paying the hackers and previously deployed North Korean malware codes.
Moreover, North Korea has in the past deliberately timed cyberattacks to coincide with its banned weapons tests — like the ballistic missile launched on Sunday — as a way of subtly flaunting the country’s technological advances despite its global isolation.