Cryptocurrency Scams Fund Nuclear Weapons in North Korea

According to a United Nations report, cybercrime financed 40% of North Korea’s weapons of mass destruction programs. The legal vacuum generates a climate of impunity, experts point out: “harmful” cyber attacks with theft of cryptocurrencies would have earned North Korea around 3 billion dollars (15 billion reais) between 2017 and 2023, enough to cover up to 40% of the costs with the programs for the production of weapons of mass destruction by the Kim Jong-un regime. The conclusion comes from a recent report produced by a United Nations panel of experts monitoring sanctions against the country.

According to DW, cryptocurrency industry analysts are “extremely concerned” about the effectiveness and impunity with which a powerful state actor appears to be stealing virtual currencies and the slowness with which international law has reacted to the rapid development of cryptocurrencies. branch.

This is due, in part, to the fact that governments in many of the countries most threatened by North Korea’s cyber attacks – particularly South Korea, Japan and the United States – are currently facing other serious, time-consuming political challenges. and energies. . .

Released on March 20, the United Nations report on North Korea’s cyber activities investigated 58 attacks against cryptocurrency companies and concluded that Pyongyang is not only behind all of them but also continues to attack financial institutions – a strategy to circumvent UN sanctions and cover the high costs of developing nuclear weapons and long-range missiles.

“The Democratic People’s Republic of Korea (DPRK)’s malicious cyber activities account for approximately 50% of its foreign exchange earnings and are used to finance its weapons programs,” the report said.

Citing information provided by unidentified UN member states, the document’s authors further claim that these same cybercrime revenues fund “40% of the DPRK’s weapons of mass destruction programs.”

Hackers use social engineering techniques

An analyst at Brave New Coin, a cryptocurrency research firm based in Auckland, New Zealand, Aditya Das says the “scale and complexity” of the activities of one such hacking group, Lazarus, has shocked the industry. They are seen as a front for North Korea’s official hacking team.

“The volume and quantity of virtual currency thefts associated with the Lazarus Group are unprecedented: $615 million from Ronin Network, $100 million from Horizon, $100 million (R$501 million) from Atomic Wallet,” comments Das. “It seems like they are keeping an eye on all the big cryptocurrency platforms.”

The analyst warns that Lazarus, “with its large network and repetitive attack approach”, appears to also target smaller groups and individuals, and explains the group’s operational tactics: “Lazarus is known for its social engineering and phishing, which target employees of large organizations by sending them emails and LinkedIn messages with infected attachments.”

It was thus, using a “sidechain” associated with the blockchain game Axie Infinity, that hackers managed to access the Ronin network in April 2022. In such a “sidechain”, transactions can be carried out without detection. The company estimates that the fraudulent withdrawals totaled nearly $615 million.

The legal vacuum makes it difficult to fight cybercrime in the cryptocurrency sector

The security of the cryptocurrency industry is also hampered by the decentralized, free and global nature of these assets, which users like but makes regulation by governments difficult.

“If possible, it would be good if the real criminals and not the apps they use were prosecuted,” says Das. “But we know how well North Korea covers its tracks and denies hacker attacks. If criminal prosecution is not possible, prevention is the best option for now.”

North Korea continues to financially support its hacking teams because they represent an important source of revenue for the regime. And so, according to Das, future cyber attacks will continue to be successful.

But they pose not only a risk to companies in the financial sector, warns Park Jung-Won, professor of international law at Dankook University, South Korea. According to him, these hackers regularly test the security systems of South Korean authorities: banks, companies that maintain contracts with the military and infrastructure, such as the nuclear energy sector.

“We are very familiar with the North’s illegal activities. In recent years, the government and military have paid much more attention to them and provided additional resources to ensure the country’s security,” says Jung-Won.

Regulation faces a lack of consensus

At an international level, efforts are also being made to create laws that regulate the sector globally, but until then there are still major obstacles to overcome.

“We are trying to create laws that combat cyber theft, cyber terrorism and other similar crimes. However, it is difficult to develop well-defined standards because they require the consensus of all states involved,” says Park. “There are currently many loopholes that bad actors like North Korea can exploit.”

Even within South Korea, it is difficult to reach agreement on laws against cyber attacks that threaten the country, the professor reflects. With just under a month to go until the elections, the government and opposition parties are still not willing to reach an agreement.

“We know that the North has created and trained teams of specialized hackers, who are very efficient and whose only job is to attack us,” warns Park. “We must urgently respond to these challenges.”