For years, casual observers of North Korean cyber threats smirked at the country’s lack of Internet access and technical expertise. It took the Sony Pictures hack of 2014 to upend the perception that the DPRK had nothing more than “ragged, self-made technologies, accompanied by bluster and exaggeration,” and simply wasn’t capable of doing something worse. 

That ability is now out of question: A string of sophisticated financial cyber crimes and data thefts have shown that North Korean hackers are able to conduct long-term reconnaissance on their targets, trick experienced executives using elaborate social engineering attacks, exploit weaknesses in the international banking system and deploy a wide range of blockchain technologies to move stolen money around the globe.