(CNET)— North Korea is at odds with countries like the US and South Korea, but it’ll gladly use their technology.
Researchers at Recorded Future, a threat intelligence company, said in a report Wednesday that North Korean hackers have used technology from Microsoft, Apple and Samsung to carry out cyberattacks. The isolated country has been behind major cyberattacks, including the 2017 WannaCry ransomware assault, which locked up thousands of computers across 150 countries and ensnared hospitals, universities and airports with its malware.
North Korea’s government was also behind the 2014 Sony hack, which was considered one of the most destructive attacks on a company on US soil at the time.
Microsoft and Samsung didn’t immediately respond for a request for comment.
Priscilla Moriuchi, director of strategic threat development at Recorded Future, said the team discovered an “overwhelming presence of American software” on North Korea’s network. Despite decades of trade sanctions, North Korean hackers have used workarounds and loopholes to get hold of US and South Korean technology for its attacks, she said.
“North Korea has pretty much professionalized working around sanctions for the past 30 years,” Moriuchi said. “For decades, they’ve conducted and run these illicit networks around South East Asia, East Asia, China.”
US technology isn’t supposed to find its way to North Korea, but several loopholes in trade sanctions have allowed electronics to get through. According to the report, North Koreans have used fake addresses and names to get around sanctions, including a shell company called Glocom.
Recorded Future researchers said Glocom has used a network of fake companies in Asia to purchase US parts from resellers and even cleared payments through a US bank account at one point.
“These are gaping holes we’re allowing rogue regimes like North Korea to exploit,” Moriuchi said. “We don’t want American technology victimizing American businesses and government.”
Companies that have been caught sending US technology to North Korea have faced consequences, like Chinese phone giant ZTE.
Hardware and software detected on North Korea’s network include Apple’s iPhone X and Microsoft’s Windows 10. Through a partnership with a third-party metadata collection service, Recorded Future said it also found devices like Samsung’s Galaxy S7 and Galaxy S8 Plus on North Korea’s network.
The researchers used five separate data sources to confirm their findings, including Shodan, a search engine for finding internet-connected devices.
Because of changing policies over the last two decades, North Korea has also been able to legally purchase many US computers and phones, Moriuchi said.
Since 2002, US exporters have sent $483,543 worth of electronics, much of it outdated devices, to North Korea. In some years, such as 2006, total bans prevent any sales. In other years, policies have changed and North Korea has been able to purchase US electronics.
Another loophole is the absence of a definitive standard for sanctions across the world. While electronics fall under “luxury goods” in US sanctions restrictions, they don’t in China. In the EU, the luxury goods definition only applies to products that are worth more than 50 euros (about $58).
“The problem is that each country is allowed to interpret the term ‘luxury goods’ however they feel,” Moriuchi said.