North Korea ‘funding WMD programme via cybercrime’
North Korea is funding as much as 40% of its nuclear and ballistic missile programme by stealing cryptocurrency and other “illicit cybermeans”, according to a new report by a group of United Nations experts.
According to information gathered by the so-called Panel of Experts, which has the job of monitoring UN sanctions against North Korea, Pyongyang also earns huge sums from the pay packets of North Korean workers sent abroad, despite UN security council resolutions that ban the practice.
“The malicious cyberactivities of the Democratic People’s Republic of Korea (DPRK) generate approximately 50% of its foreign currency income, and are used to fund its weapons programmes,” the panel said in its annual report, referring to information provided by an unidentified UN member state.
It added: “A second member state reported that 40% of the weapons of mass destruction programmes of the DPRK are funded by illicit cybermeans.”
The panel, which receives and assesses reports from UN member states, said it was investigating 17 thefts of cryptocurrency in 2023, in which hackers acting for North Korea were believed to be the perpetrators. The amount of currency stolen was equivalent to US$750 million.
There have been separate reports of 58 cryptocurrency attacks since 2017 which bagged as much as US$3 billion. Most of the attacks are on cryptocurrency exchanges, where currencies such as Bitcoin are digitally stored.
North Korea's best known state crypto-robbers are the Lazarus Group, which has carried out a number of spectacular heists over the years under the auspices of Pyongyang’s external intelligence agency, the Reconnaissance General Bureau.
In 2014, Lazarus took revenge for a film that mocked North Korea’s Supreme Leader Kim Jong-un by hacking Sony Pictures. Its most notorious attack was the attempt two years later to steal US$1b from the Bangladesh central bank.
In 2017, the so-called WannaCry ransomware affected 300,000 computers in 150 countries. The following year, hackers based in North Korea used a computer virus to create, or “mine”, the cryptocurrency Monero on other people’s computers and divert it to Pyongyang.
The South Korean government reported last month that in 2023, 80% of 1.62 million hacking attempts against South Korean companies and public organisations were traceable to North Korea.
The panel also reports that 100,000 North Korean workers working in 40 foreign countries generate an estimated US$500m every year in industries ranging from construction and restaurants to information technology. UN sanctions ban member states from permitting North Korean labour, but enforcement, especially in Russia, is weak. – The Times