Expand International Cooperation to Prevent North Korea Committing Financial Crimes through Cyber-Attacks

With a noose of sanctions around it, North Korea has intensified its theft of cash and crypto-assets, or virtual currency, through cyber-attacks. International cooperation must be deepened to strengthen a crackdown on these activities.

An expert panel that monitors the implementation of the U.N. Security Council’s sanctions against North Korea has compiled a preliminary annual report. The report says that North Korea is estimated to have stolen more than ¥30 billion in 2019-20 through cyber-attacks on financial institutions, crypto-asset dealers and other entities around the world.

According to an investigation by the South Korean government, the number of cyber-attacks on South Korea last year jumped about fourfold from four years ago. Most of them are believed to have been carried out by North Korea.

In recent years, North Korea’s economy has slumped due to sanctions, which include a ban on coal exports, as well as a sharp drop in bilateral trade with China amid the novel coronavirus pandemic and natural disasters. The intensification of cyber-attacks by the country is apparently aimed at making up for a shortage of foreign currency.

It is highly likely that the stolen money has been used to develop Pyongyang’s nuclear weapons and missiles. Another motivation is that a huge amount of funds is needed to maintain the regime, such as by distributing luxury goods to senior government officials.

North Korea is said to have reinforced its military’s cyber-attack unit and deployed capable students who have been made to study computer technology for the unit at the direction of Kim Jong Un, general secretary of the Workers’ Party of Korea.

The U.S. Department of Justice indicted three North Korean military operatives for cyber-attacks on banks and other institutions in some countries. The department called them “the world’s leading bank robbers” and condemned the “acts of a criminal nation-state.” It apparently became clear that North Korea has committed financial crimes under the state’s direction.

According to U.S. authorities, the operatives had also been stationed in China and Russia. They are said to have exchanged the stolen crypto-assets for other assets via companies in China to make it difficult to track them down.

All countries — including China — need to strengthen their surveillance of illicit transactions of crypto-assets to prevent the creation of hotbeds of financial crime and money laundering.

As long as the international environment remains severe for North Korea, the country is likely to intensify its cyber-attacks. It is essential for the relevant countries, centered around the United States, to expand their cooperation in investigating such crimes.

There is no doubt that Japan is also a target of cyber-attacks by Pyongyang. The Japanese government is working with the National Center of Incident Readiness and Strategy for Cybersecurity as a control tower to establish a system in which the public and private sectors work together to deal with such crimes.

One problem is that companies and organizations that have been attacked are reluctant to publicize the incidents, making it difficult to determine the extent of the damage. They are urged to comprehensively share information with authorities.

North Korea is also enhancing its ability to destroy infrastructure through cyber-attacks. It should not be forgotten that this poses a serious threat to security.

— The original Japanese article appeared in The Yomiuri Shimbun on March. 8, 2021.