The Lazarus Heist: From Hollywood to High Finance: Inside North Korea’s Global Cyber War is an exciting book that seamlessly switches among North Korean history, international political intrigue, nuclear weapons development, assassination, and cybercrime. Geoff White tells an amazing story where state-sponsored hackers, in a little over a decade, financed the North Korean regime with $1.3 billion in stolen profits. The Lazarus Group, North Korea’s state-sponsored hackers, accomplished this by navigating the global commons of the internet and leveraged a global criminal network to achieve their ends.
White is a popular podcaster, author, and investigative journalist. His work focuses on cybercrime and technology. Audible has listed White’s podcast, The Dark Web, in the top ten since he started it in 2017. The podcast that this book is based on, The Lazarus Heist, was the number one podcast on the UK’s Apple Charts for a period. In addition to authoring two other books, Crime Dot Com and Rinsed: From Cash to Crypto, White gives talks to include “a live phone-hacking stage show,” according to his “About the Author Page” on Amazon.
White articulates the book’s purpose and key points of discussion well in the introduction. In his third paragraph, he asserts, “Computer hacks have become a key weapon in North Korea’s arsenal, and they now pose a significant threat to global security and stability.” White argues this didn’t happen overnight; rather, it started small and grew larger and more intricate over time. North Korea’s lengthy criminal experience allowed it to grow a global crime network that spanned the continents. It does not accomplish these criminal cyber feats with a large organization. Instead, it has a small core group that organizes and oversees its criminal operations.
The book has two central themes, which are stated in the introduction. The first is that cybercrime is quickly becoming the most common type of crime and that arming the user with this knowledge is the best defense against cyberattacks. According to White, cybercrime is the most common type of crime currently in the UK. This fact and the Lazarus Group’s common practice of establishing footholds in target networks with phishing emails drives the impetus of arming the reader to defend against cyberattacks. If network users deleted these “dodgy-looking” emails, North Korea’s hacking group would have greater difficulty achieving their aims, as seen in most of the hacks he discusses.
By starting the book with one of the most complex heists by the Lazarus Group, White stimulates the reader’s imagination. He tells the story of a complex theft that involves computer hacking, bank card forgery, and physical money theft from ATMs across India. His vivid storytelling arouses in the reader a desire to find out how North Korea could orchestrate such a feat. White’s style makes the pages fly by. Over the subsequent fourteen chapters, the author develops a convincing case that not only shows that North Korea developed the technical ability to hack bank computers and ATMs but also the criminal network to get the physical cash and launder it to fill North Korea’s coffers.
Throughout the book, White interweaves North Korean history and politics. He demonstrates how the Democratic People’s Republic of Korea (DPRK) struggles to generate wealth or achieve the self-sufficiency it desires. Cyber becomes the asymmetric advantage North Korea implements to achieve some of its Juche or self-sufficiency. Through cybercrime specifically, the DPRK generates revenue and sabotages its adversaries, such as the “Dark Seoul” attack targeting the Republic of Korea’s government or securing illicit funds to run their government, including nuclear weapons development. White details links between North Korea and the autonomous Chinese city of Macau, where much of the North Korean government’s clandestine and criminal operations allegedly operate. He ties a high-level dissenter of the regime, Kim Jong Il’s son Kim Jong Nam, to Macau and his eventual assassination in Malaysia.
The Lazarus Heist is a thrilling book that paints the picture of a DPRK who is using the cyber domain to achieve its goals in diplomacy, information, military, and economics. The author, Geoff White, does an excellent job of illustrating the regime’s increased isolation and desperation, and how the DPRK’s leaders have found cyber as their relative advantage as more traditional means are increasingly unavailable to them. However, North Korea’s prowess in the cyber domain was not achieved overnight. It has been an iterative process and a decades-long evolution. This book is an excellent read for anyone interested in the cyber domain and how the DPRK uses it to achieve their ends and thwart those of their adversaries.