Markets by Trading view

North Korea using stolen crypto to evade UN sanctions


According to a forthcoming UN report, North Korea has engaged in dozens of cyberattacks and stolen millions of dollars in cryptocurrency. Between 2020 and mid-2021, North Korea is believed to have stolen in excess of $50 million of digital assets. This follows reports from the blockchain forensics firm Chainalysis that suggested regime hackers had stolen as much as $400 million from attacking cryptoexchanges in the same period. The UN report argues that this activity has allowed North Korea to continue funding its ongoing nuclear and ballistic missile programme.

North Korea became subject to severe UN sanctions in 2017 after a round of intercontinental ballistic missile tests. Sanctions covering up to 90% of the North Korean economy have resulted in a severe economic contraction in the country, which has been further exacerbated by the regime’s decision to close its borders to almost all foreign trade for the majority of the Covid-19 pandemic. These economic measures are intended to persuade North Korea to halt its testing and development of missiles, however in the last month alone, the regime carried out nine missile tests.

There have long been concerns that North Korea is able to circumvent sanctions through illicit activity of this kind. Last year, the defence think-tank Royal United Services Institute (RUSI) warned that “the North Korean regime is evading sanctions at a faster rate than the international community is able to tighten the sanctions regime.” RUSI pointed to “more modern techniques of revenue generation such as cyber attacks and crypto raids,” as well as “the sale of natural resources,” as examples of how the regime is able to continue gathering funds despite the fact it is almost entirely barred from the international financial system.

Because blockchain systems are decentralised and anonymous, North Korean hackers are able to transfer funds mostly without interacting with formal economic structures, such as banks and the SWIFT network, from which they are excluded. As a 2019 UN sanctions report outlined, “large-scale attacks against cryptocurrency exchanges allow North Korea to generate income in ways that are harder to trace and subject to less government oversight and regulation than the traditional banking sector. North Korean cyber actors, many operating under the direction of the Reconnaissance General Bureau, raise money for the country’s weapons of mass destruction programmes, with total proceeds to date estimated at up to $2 billion.”

The regime has targeted a number of cryptoexchanges, mainly those based in South Korea but also further afield. Korean exchange Bithumb has been attacked at least four times, with total losses standing at almost $70 million. Youbit was forced to cease operations in December 2017 after North Korean hackers seized 17% of its assets. The UN believes this money is being used to fund weapon proliferation, and to sustain the regime economically and thereby mitigate the impact of wide-ranging sanctions.

As Edward Howell, a lecturer in North Korean politics at the University of Oxford, told DisruptionBanking:

“We should not be surprised at the extent to which the North seeks to extort cash from unconventional sources, given the sheer value it places on its “treasured sword” – its nuclear programme. Although we have not seen a nuclear test or ICBM launch since 2017, and in 2018 Kim Jong Un pledged to focus on his “new strategic line” of economic development, it would be naïve to assume that Pyongyang’s nuclear ambitions were complete.

“The logic seems clear. Just because the North has declared its nuclear programme to be “complete” – a dubious claim in and of itself – does not stop it from finding new ways, namely through cyberspace, to extort cash.”

UN officials have also discovered that, aside from stealing crypto-assets, there has also been a marked increase in North Korean officials engaging in crypto mining as a way of raising funds. It is believed that a professional branch of the military is now dedicated to mining activity. One report traced sizeable amounts of Bitcoin and Monero mining activity to North Korea, with mined funds potentially being used for weapon proliferation.

North Korea was also previously involved in a curious blockchain project called Marine Chain. This was set up in 2018 and essentially allowed users to own a percentage of maritime vessels in exchange for digital tokens. Based on the Ethereum network, vessel owners were able to tokenise their vessels, with investors being able to purchase and trade part ownership of marine assets. While the company was registered in Hong Kong, the UN sanctions panel found that at least one North Korean was involved in the scheme, and suspected this was conceived as an attempt to generate funds in defiance of sanctions and launder money through the blockchain.

Evidently the nature of the blockchain, which is decentralised and facilitates anonymous payments and financial activity, poses problems for those seeking to enforce sanctions. While governance structures like the UN are able to wield a tremendous amount of power against well-established financial structures – as was clear when SWIFT cut off North Korean banks from its systems – its ability to govern emerging decentralised structures is more questionable.

In an attempt to deal with this issue, the UN has called for member states to ensure their national regulations governing financial structures extend to “non-banking financial institutions, including cryptocurrency exchanges,” and that all financial institutions have resilient defences in place to guard against cyberattacks. The UN Panel of Experts also argued for cryptoexchanges to be under the same obligations as traditional banks when it comes to money laundering, suspicious transactions and sanctions-evading activity.

Blockchain and crypto systems are set to offer huge improvements to the way we use and exchange money. But it is clear that a serious effort is required to ensure all cryptoexchanges are as compliant, and as resilient to external threats, as the majority of established financial institutions. 

Author: Harry Clynch

#NorthKorea #Pyongyang #UN #Crypto #DigtialAssets #Sanctions #Cybersecurity #Decentralisation #SWIFT #Bithumb #Youbit #CryptoMining #MarineChain #HongKong

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Posts


Sign up for our free newsletter and receive the latest banking and fintech stories, straight to your inbox - every week