N. Korea’s 4Cs: Crypto-Currency-Cyber-Crime

Despite recent diplomatic progress with the US, North Korea remains the world’s most significant weapons of mass destruction (WMD) proliferation threat. Now North Korea has gone to extremes to raise funds and evade international sanctions, recently expanding these efforts to include the exploitation of crypto-currencies such as Bitcoin. 
 
Crypto-currencies likely play only a peripheral role in North Korea’s overall fundraising and sanctions-evasion activity. 
 
However, the sophistication of North Korea’s broader cybercrime operations and its general demand for ongoing financial resources present the risk that its crypto-currency activity could become a sustained security challenge, particularly as international sanctions lead North Korea to seek financial lifelines outside the mainstream sector. 
 
The UN Security Council’s Panel of Experts on North Korea has suggested that crypto-currencies offer North Korea ‘more ways to evade sanctions given that they are harder to trace, can be laundered many times and are independent from government regulation’.
 
In general, North Korea could seek to use crypto-currencies as part of its proliferation financing efforts through:
 
  • Fundraising: To sustain its ongoing needs for cash, North Korea may obtain crypto-currencies with the aim of converting them to fiat currencies in the short term.
  • Stockpiling: North Korea could accumulate reserves of crypto-currencies with the objective of eventually spending them or converting them into fiat currency at some point in the future.
  • Circumvention: North Korea could use crypto-currencies to pay directly for goods, services and resources that are explicitly prohibited by international sanctions.
Southeast Asia has long been vulnerable to North Korea’s WMD proliferation financing and sanctions-evasion activities, given its proximity to North Korean proliferation networks and the availability of sophisticated trade and finance infrastructure. 
The region is now vulnerable to North Korea’s crypto-currency-enabled activity as well, and important gaps remain.
For example, gaps in local regulatory frameworks could allow North Korea, or other actors, to exploit crypto-currency exchanges and other related platforms. 
 
Since Southeast Asia also features a nascent but burgeoning cryptocurrency industry, local law enforcement agencies will likely require further knowledge and resources to ensure that they can successfully respond to crypto-currency-related criminal activity over time should the local crypto-currency industry continue to grow in scale. 
 
By taking steps such as developing effective regulatory frameworks and leveraging public–private partnership initiatives, countries in the region can mitigate North Korea’s crypto-currency activity successfully.
 
RUSI
 
You Might Also Read
 
The Mysteries Of Crypotocurrencies:
 
 
 
« Cognitive Science Can Explain Why Fake News Works
Deep Learning & Cybersecurity »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

RioRey

RioRey

The DDoS mitigation specialist, from single server to Enterprise wide carrier level networks the RioRey Solution provides effective immediate and easy to manage protection.

Markel International

Markel International

Markel International is an international insurance company which looks after the commercial insurance needs of businesses. Specialist services include Cyber Risk insurance.

Wallix

Wallix

Wallix is a software company offering privileged access management solutions for enterprises, public organizations and cloud service providers

Sysmosoft

Sysmosoft

Sysmosoft specializes in providing highly secured telecommunication solutions for mobile devices for companies requiring protected access to sensitive data remotely.

Sabasai

Sabasai

Sabasai specialises in all aspects of insider threat management from training and education to building security frameworks and insider threat programs to on-site risk & vulnerability assessments.

Digittrade

Digittrade

Digittrade develop and produce external encrypted hard disks and secure communications apps.

Uppsala Security

Uppsala Security

Uppsala Security built the first crowdsourced Threat Intelligence platform known as the Sentinel Protocol, which is powered by blockchain technology.

Excelsecu Data Technology

Excelsecu Data Technology

Excelsecu is a global solution provider of online identity authentication, widely applied in banks, government bodies and enterprises.

Tarian Underwriting

Tarian Underwriting

Tarian Underwriting is a specialist provider of tailored insurance solutions for cyber and technology risks.

CaliberDLT

CaliberDLT

CaliberDLT provides quality assurance, automation, security audits and development services for blockchain technology.

Titans24

Titans24

Titans24 is a Software-as-a-Service security platform for web applications. It prevents attacks on business websites that are protected under 11 cyber-security layers.

Connectria

Connectria

Connectria provides cloud hosting, remote monitoring, and compliant cloud security solutions and services to enterprises, medium and small businesses.

Noventiq

Noventiq

Noventiq (the brandname of Softline Holding plc) is a leading global solutions and services provider in digital transformation and cybersecurity.

Cryptyk

Cryptyk

CRYPTYK CLOUD is the first complete enterprise-class cloud security solution that includes cloud storage and broad protection against all external and internal threats.

PreEmptive Solutions

PreEmptive Solutions

PreEmptive Protection hit the sweet spot between cost, convenience and functionality by helping you protect and secure your apps in a smarter way.

SyferLock Technology Corp.

SyferLock Technology Corp.

SyferLock is an innovative provider of next-generation authentication and security solutions.