North Korea's secretive nuclear weapons programme - The Lazarus Heist S2, Ep9 - BBC World Service

oh really. Underestimating North Korea. That's certainly one of the themes of this podcast, right? Absolutely. And it's a message I've tried to convey with all my work on North Korea. That is why I share Mr. Kim's concern. It's easy to look at North Korea's struggling economy and think: how could this poor country threaten the

world

?   The

world

may have mocked Kim Jong-un when he first appeared, but make no mistake. He is an ambitious young man with the sole mission of securing the future of his country and the position of his family, by any means necessary. This regime is much more dangerous and more capable than the world believes.

This kind of thinking may have slowed the world's response to North Korea. Take the

nuclear

issue as an example. For years, North Korea has been saying it could soon mount a powerful

nuclear

bomb on a missile capable of striking American cities. Western analysts took that claim with a grain of salt.  But Melissa Hanham, the open source researcher we heard from earlier, says it may already be too late to stop them.  North Korea is nothing if not creative, intelligent and agile. It's much harder to try to cover all the money and equipment bases. They constantly changed their plan, adapted it.

And it's difficult, it's a lost battle. I think the best time to stop your missile program is probably over. In fact, Melissa says North Korea may already have all the knowledge needed to launch a nuclear missile. But the only way she can know for sure, the only way any of us can be sure, is if Kim Jong-un decides to try one. But holy cow, that's... that would be terrifying. I mean, that would be so risky that it could start World War III.   I don't think Kim Jong-un wants to use these

weapons

in a first strike, although he recently stated that he has the right to do so.

He is not suicidal. He knows that a nuclear war would also destroy North Korea. What keeps people like Melissa awake at night is the fear that such tests could cause one of the world's leaders to misjudge, panic, and rush into action.  I think we need to have confidence in our leadership to keep a cool head. We need to be sure that our leadership will not overreact or miscalculate. I think the really scary thing is that if we have an elected official who wants to throw caution to the wind, we could have an accidental nuclear war. Kim Jong-un is not done.

He will continue to try to improve his arsenal, making it deadlier, more accurate, faster to launch and harder for his opponents to defend. Two years ago, he presented a terrifying list of

weapons

he wanted to perfect. Hypersonic missiles, missiles that carry multiple warheads, and he's been checking off that list, one by one. And a big part of the funding for that work comes from tricks we've covered on this podcast, plus others that have happened since we launched this season and ones we don't know about yet. The fascinating thing is that arguably North Korea's most powerful weapon, the one keeping Kim Jong-un's ambitions afloat, is this team of young people trained from childhood to become some of the most prolific hackers in the world.   Who exactly these men are remains a mystery to us.

I mean, other than a few text messages with the shady Bobby Sierra, it's been impossible for us to get close to them. Good. That's why we want to finish by introducing you to someone who has followed the Lazarus Group from the beginning.   Someone who followed them so closely that he even managed to connect with them online.   His name is Simon Choi. I met him at his coworking space in Seoul, South Korea. Simon is a young cybersecurity researcher. When he was a child, he loved video games and that hobby transformed into a fascination with piracy.  He studied cybersecurity in college and ended up doing his mandatory military

service

in the army's cyber defense force.   He later continued working in cybersecurity and became so respected in his field that South Korean intelligence

service

s have sought out his expertise.   In some ways, he leads a life parallel to that of the North Korean hackers on the other side of the DMZ.

Simon is also a trained hacker. He honed his skills working for South Korea, but he's using that training to defend himself against North Korea. He is on the other side of this cyber war.  - Explain to me what this is, what are we looking at? It seems like a lot of email addresses... Simon pulls out a laptop and turns it around to show me something.  Evidence he found after gaining access to the inside of a North Korean hacker's PC. He used that access to observe this hacker at work in real time. Oh, these are goals, people's names and their email addresses.

What they would do is obtain the email addresses and embed malicious code into the emails and keep sending them to different targets.   The hackers then stole information from the infected computers. And they would continue doing it, without resting. And I thought: this is a very simple and repetitive hack. This is the kind of thing you can't do unless your government forces you to do it. On one screen, I can see a list of email addresses, phone numbers, and names. Simon explains that these are the next targets of this hacker. - Oh my God! One of... oh, I hope I'm not on this list, but I see some people I know on this list, including someone we had in the first season.

The people on this list are North Korean experts, politicians, academics, and diplomats. It's chilling to see the name of one of the experts we included in the first season of The Lazarus Heist.  And I know I'm on lists like this too because I receive phishing emails from suspected North Korean hackers almost daily. We wanted to talk to Simon because he says he found a way to talk to North Korean hackers. To achieve this, he used a pretty clever trick called a honey trap. In the world of old-school intelligence, a honey trap meant deploying an attractive spy who would use his romantic charms to obtain information from a source.

Simon was doing the cyber version, which, let's be honest, is a little less sexy. He was able to disguise one of his computers to make it look like it belonged to a person or institution that he knew Lazarus hackers would be interested in attacking. Sure enough, hackers were tempted to break in. Once they were inside his machine, Simon had a way of writing messages to them. Maybe the hackers were impressed, maybe even amused to have been tricked this way, because surprisingly one of them was willing to chat. They responded and I realized they spoke Korean. I asked him, "Are you a North Korean hacker?"   And they said, "Yes, I am."  And I said, "You're pretty good."   And the person responded, "You're good too.

You found out who we are." I've been studying this for over 10 years, but you can't talk to them or find out their identities, so moments like these are incredibly impressive to me.   When he tries the same honey trap method again, he gets an intriguing response. I ran into a North Korean hacker creating ransomware and asked him, “Where are you?”   They said: "Europe." And suddenly, the hacker asked me: "How much do they pay you?" I asked him the same question: "And how much do they pay you?" And without responding, the hacker left. This hacker probably has watchers watching his every move, so he takes a risk by chatting with Simon.   And what he wants to know most, the question he's willing to risk his safety for, is how much does Simon get paid?

Maybe what you're really wondering is how much I could get paid if I'd been born on the other side of the Korean DMZ, like Simon, in the free world. You can imagine him looking up from his keyboard, looking around the cramped dorm room he probably shares with a bunch of other guys, all working grueling hours, and allowing himself to wonder: How much are my hours worth? What am I worth? Maybe he could find out, if he could somehow escape to a new life.   Just as we are curious about them, these hackers are curious about us. And it is exactly this kind of curiosity that has driven so many North Koreans to defect.

We simply cannot know. But one thing is for sure. The Lazarus Group hackers already know a lot more about us—about how we live, how we bank, how we think, what phishing emails will click on—than we probably know about them.  This is perhaps their greatest power and they have used it to carry out the hacks and

heist

s that we cover throughout this series. And that makes us all incredibly vulnerable.  Right now, possibly at this very moment, they are using all that knowledge to figure out where to attack next.    The Lazarus Heist is an original podcast from the BBC World Service.

I'm Geoff White and I'm Jean Lee. Our producer is Viv Jones.  Our original music was composed by Magnus Fiennes and Lee Il-woo of the South Korean band Jambinai.  It's been a real pleasure making this podcast for you and we'd like to thank the team at the BBC who have helped make this series listen so well. We have also loved reading all your comments and reviews. If you enjoyed the podcast, spread the word and tell all your friends to listen to it too. And remember, stay safe. Do not click on any suspicious links. And thank you very much for listening.