The Not-So-Cryptic Case of North Korea’s Cryptocurrency Capers

Summary

Taking a short break from my somewhat tongue-in-cheek slants on security issues, let's take a by-the-book glimpse at the money behind some of the global security madness out there. In this case, the DPRK's "creative" use of the West's financial innovations against them.

Background and Context:
North Korea has faced significant international sanctions, limiting its ability to engage in global financial systems. This has driven North Korea's regime to seek alternative means of financing, including cyber operations, specifically targeting cryptocurrencies.

Cyber Operations:
Since 2018, North Korea has been implicated in a series of sophisticated cyberattacks aimed at stealing cryptocurrencies. These attacks have targeted exchanges and individual wallets, employing phishing, malware, and advanced persistent threat (APT) groups like Lazarus. North Korea's cyber capabilities are advanced, enabling them to execute complex heists and evade detection.

Cryptocurrency Theft and Conversion:
The stolen cryptocurrencies, including Bitcoin, Ethereum, and others, are typically laundered through a series of transactions to obscure their origin. Techniques such as "chain hopping" (moving funds across different cryptocurrencies) and using "mixers" (services that pool and scramble cryptocurrencies) are employed. The ultimate goal is to convert these assets into fiat currency or use them in a manner that supports the regime's objectives, including its nuclear program.

Impact on Nuclear Weapons Program:
The exact amount North Korea has garnered from these operations is unclear, but some estimates run into hundreds of millions of dollars. These funds are believed to contribute significantly to North Korea's nuclear weapons and ballistic missile programs. The financial infusion aids in procurement, development, and testing, circumventing international sanctions.

International Response:
The international community, including the United States, South Korea, and other nations, has made efforts to track and counter North Korea's cyber activities. This includes enhancing cybersecurity measures, increasing vigilance in the cryptocurrency sector, and imposing further sanctions on North Korean entities involved in these operations.

Likelihood of Personal Enrichment by Kim Jong Un:

1. Regime Structure and Control:
Kim Jong Un's absolute control over the regime and its resources suggests that he has the capacity to divert funds for personal use. However, the opaque nature of the regime makes it challenging to determine the extent to which he does so.

2. Historical Precedence:
Dictatorial regimes, particularly those under stringent international sanctions, have a history of leaders accumulating wealth for personal security and luxury. This could be a relevant factor in the case of Kim Jong Un.

3. Resource Allocation Priorities:
It's likely that a majority of the stolen funds are allocated towards state priorities, including the nuclear program and maintaining regime stability. Personal enrichment, while possible, might not be the primary objective.

Given these conditions, while it is possible that Kim Jong Un could be retaining a portion of the stolen cryptocurrencies for personal enrichment, the extent and probability of this are difficult to ascertain without concrete evidence. The secretive nature of the regime and the lack of transparency in its financial dealings make any definitive assessment challenging.

Challenges and Future Outlook:
The anonymous and decentralized nature of cryptocurrencies continues to pose a challenge in completely curbing North Korea's illicit activities. As the digital currency landscape evolves, we should expect to see North Korea adapting and refining its strategies to exploit this sector for its economic and strategic gains.

Exclusive: Record-breaking 2022 for North Korea crypto theft, UN report says
https://www.reuters.com/technology/record-breaking-2022-north-korea-crypto-theft-un-report-2023-02-06/

FBI Identifies Lazarus Group Cyber Actors as Responsible for Theft of $41 Million from Stake.com
https://www.fbi.gov/news/press-releases/fbi-identifies-lazarus-group-cyber-actors-as-responsible-for-theft-of-41-million-from-stakecom

North Korean hackers have allegedly stolen hundreds of millions in crypto to fund nuclear programs
https://www.cnbc.com/2023/09/06/north-korea-hackers-stole-crypto-to-fund-nuclear-program-trm-chainalysis.html

Sanctions Against North Korea Summary
https://sanctionscanner.com/knowledge-base/sanctions-against-north-korea-47

Inside North Korea's Crypto Heists: $200M in Crypto Stolen in 2023; Over $2B in the Last Five Years
https://www.trmlabs.com/post/inside-north-koreas-crypto-heists