North Korean hackers are said to breach Sawiris' Orascom network

Register now

(Bloomberg) -- North Korea’s increasingly aggressive hackers are now going after one of the few foreign companies that has been willing to work with the intransigent regime.

Kim Jong Un’s cyber warriors broke into dozens of desktop computers and laptops at Orascom Telecom Media and Technology Holding SAE, the Egyptian giant owned by billionaire Naguib Sawiris that helped build North Korea’s communication networks, according to people familiar with the matter. Hackers gained access through emails laced with malware that exploits a security hole in Adobe Flash, said the people, asking not to be identified because the matter is private. The vulnerability has since been patched by security experts.

The hacking adds to growing troubles for Orascom’s business venture in North Korea. The company has struggled to repatriate profits and exercise control over its North Korean unit, which was established in 2008 and is called Koryolink. Sawiris met with Kim Jong Il and his brother-in-law Jang Song Thaek in early 2011 and told CNBC last year that he invested about $250 million in the joint company with Pyongyang. Millions of North Koreans now carry cellular phones as a result.

The business has faltered since Kim Jong Il died and his son, Kim Jong Un, came to power at the end of 2011. Kim Jong Un has executed his uncle Jang and allowed the launch of North Korea’s cellular network called Byol, ending Orascom’s exclusive rights. Since Orascom now competes with North Korea’s state-run firm, hackers may have sought to gather intelligence that would help the regime gain an edge in business and negotiations.

“According to our knowledge, the company has not been target to any cyber attacks,” said Manal Abdel Hamid, an Orascom spokeswoman. “However, as we take cybersecurity very seriously, we are taking all possible measures to protect the company and its proprietary.”

In 2015 Orascom said in a financial report that “control over Koryolink’s activities was lost."

North Korea’s hackers have become an increasingly strategic part of the country’s survival. Stationed both at home and in countries like China, the hackers collect information that can advance the country’s military interests on top of collecting hard currency.

Cyber espionage has a special role in North Korea as the regime lacks the resources to match other countries in conventional arms. North Korea is estimated to operate hundreds to thousands of hackers stealing secrets and generating hard currency. The country denies it has any role in cyber crimes.

U.S. cyber-security firm FireEye Inc. said in a recent report that a new North Korean hacking unit nicknamed Reaper has become more aggressive internationally and attacked a Middle Eastern telecommunications company, without naming the target. Traced to an IP address in North Korea, the hacking group began last year to attack targets in Japan and Vietnam as well, widening its focus beyond South Korea, FireEye said.

North Korea first launched cellular networks in 2002 and suspended them after a massive explosion two years later at a train station transited through by Kim Jong Il returning home from China. No internet access is available on North Korea’s mobile phones as the country restricts the flow of information for its 25 million citizens.

Bloomberg News