In their pursuit of foreign currency, North Korean cybercriminals are increasingly leveraging artificial intelligence, a development that cybersecurity experts believe will be extremely difficult to contain.
Despite efforts by major US-based AI companies to restrict accounts linked to North Korea’s state-backed hackers, experts warn that these measures are unlikely to stop the exploitation. Since late January, OpenAI, the creator of ChatGPT, and Google have announced efforts to shut down accounts suspected of being used by North Korean operatives, revealing how their platforms have been manipulated for illicit purposes.
However, the regime’s hackers are adept at circumventing restrictions using tools like virtual private networks (VPNs), shell companies, and brokers, industry insiders have noted. “Threat actors will use the cheapest and most efficient tool to get the job done,” said Rafe Pilling, director of threat intelligence at the US-based cybersecurity firm Secureworks, in an interview with This Week in Asia. “Many cybercriminals prefer online services that are free to sign up for or can be paid for via cryptocurrency. This would likely be true for North Korean IT workers as well.”
Analysts point out that North Korean operatives are not limited to using US-based AI tools like ChatGPT or Google Gemini. More accessible and often less secure generative AI platforms are emerging worldwide, offering avenues that may be less protected against misuse.
