Adapt Forward argues that DPRK cyber operators, commonly tracked as Lazarus Group, evolved from regional espionage and destructive activity into revenue-generating operations driven by sanctions pressure. The source cites earlier South Korea banking and broadcasting compromises, the Sony Pictures destructive attack, SWIFT-related bank intrusions including Bangladesh Bank, WannaCry, and cryptocurrency-exchange thefts as examples of expanding capability and financial motivation. It highlights fraudulent SWIFT requests, ransomware payments, and reported cryptocurrency thefts as mechanisms for raising funds and circumventing sanctions. The report frames cryptocurrency businesses and financial institutions as continuing priority targets for DPRK-linked activity in 2019.