North Korea’s economy has been suffering for a long time. Victims of this situation are largely the North Korean people, who experienced a reduction in daily food rations from 360 grams (12.7 ounces) to 300 grams (10.6 ounces) per person in January 2019 after a year of poor harvest. Sanctions imposed by the United Nations Security Council (UNSC) and by the United States have driven the country’s economy deeper into crisis, but the government of the Democratic People’s Republic of Korea (DPRK) may have found a way to uphold its military ambitions in spite of relentless sanctions. Cryptocurrency and cybercrime are convenient tactics because they are evasive, anonymous, and can be difficult to track.
Sanctions issued by the United Nations (UN) against North Korea freeze financial assets, restrict oil imports, limit fishing rights, ban the export of coal, minerals, agricultural products, and wood, and block the import of luxury goods and natural gas. U.S. sanctions place a stronger focus on economic aspects and aim to stop North Korea’s missile and nuclear weapons development programs. Such extensive restrictions have led the government of North Korean leader Kim Jong-un to increasingly turn towards cryptocurrencies and blockchain technologies to fund its nuclear weapons program and other military activities. From April 18 to 23, 2019, North Korea hosted an international conference on blockchain. During this event, a reported 100 technology experts from around the world met to collaborate and exchange ideas. In line with the North Korean government’s policies, journalists as well as citizens from South Korea, Japan, and Israel were excluded from the guest list.
Sanctions may corrode the country’s economy, but its government has not displayed any intent to discontinue its missile and nuclear weapons program fully. A report by the United Nations Security Council on North Korea from March 5, 2019 stated that sanctions induced very limited effects as Kim Jong-un’s government continues to persist with its defense plans. As North Korea spends a large portion of state funds on the military and on government officials, the country has a substantial need for illicit capital. This is where North Korean cybercrime groups are relevant. Highly-skilled hacking groups working for the North Korean government such as APT 38 and Lazarus facilitated financial flows of more than 1 billion USD into the country. State-sponsored North Korean cyberattacks targeting cryptocurrency exchanges in Asia earned the country a yield of more than 500 million USD between January 2017 and September 2018. Government authorities presumably intend to either spend cryptocurrency directly or convert it into fiat money.
APT 38 allegedly consists of less than 20 individuals who are supervised by the Reconnaissance General Bureau, North Korea’s main intelligence office. They are believed to hack into financial organizations in South Korea, Taiwan, the Philippines, Vietnam, India, Pakistan, Bangladesh, Turkey, Mexico, Chile, and Turkey. The Lazarus Group is said to be the mastermind behind heists like the Sony Pictures hack in November 2014, the WannaCry ransomware attack in May 2017, and a raid of South Korea’s biggest cryptocurrency exchange Bithumb in June 2018 in which 31.5 million USD of cryptocurrency was stolen.
Such groups invest several months into bigger hacking projects and use various tactics to hack into cryptocurrency exchanges. One of these is the practice of spear-phishing, which is the distribution of fraudulent, virus-infested emails to gain access to confidential information. Another tactic is voice phishing, which focuses on calling victims, tricking them with fake identities, and coaxing them into transferring money into cryptocurrency exchange accounts that are plundered by hackers shortly afterwards. A large-scale project was the Marine Chain fraud. Investors were led to believe that Marine Chain was a marine vessel transactions company offering ownership of parts of ships in exchange for Ethereum blockchain-supported cryptocurrency.
While North Korea’s authorities argue that introducing blockchain technology and cryptocurrencies into the country will be in the interest of its citizens, North Korea’s infrastructure and internet system hint at other plans. Internet in North Korea comes in the form of an intranet that is highly controlled by the government and does not grant access to web pages from outside of the DPRK. Therefore, cryptocurrency exchange between North Koreans and foreign account holders will be highly unlikely. At the same time, electricity shortages as well as poverty and limited access to personal computers add to the unfeasibility of widespread cryptocurrency use in North Korea.
A hermit state such as North Korea depends on sufficient financial funds to further its nuclear weapons program and secure its survival in the international system. Therefore, the government is very likely to partially back its military expenditures with cryptocurrency-related cybercrime. Vulnerable cryptocurrency exchanges in target states such as South Korea will have to improve their cybersecurity systems in order to avoid damages that benefit North Korea’s government and military.
