N. Korea’s 4Cs: Crypto-Currency-Cyber-Crime

Despite recent diplomatic progress with the US, North Korea remains the world’s most significant weapons of mass destruction (WMD) proliferation threat. Now North Korea has gone to extremes to raise funds and evade international sanctions, recently expanding these efforts to include the exploitation of crypto-currencies such as Bitcoin. 
 
Crypto-currencies likely play only a peripheral role in North Korea’s overall fundraising and sanctions-evasion activity. 
 
However, the sophistication of North Korea’s broader cybercrime operations and its general demand for ongoing financial resources present the risk that its crypto-currency activity could become a sustained security challenge, particularly as international sanctions lead North Korea to seek financial lifelines outside the mainstream sector. 
 
The UN Security Council’s Panel of Experts on North Korea has suggested that crypto-currencies offer North Korea ‘more ways to evade sanctions given that they are harder to trace, can be laundered many times and are independent from government regulation’.
 
In general, North Korea could seek to use crypto-currencies as part of its proliferation financing efforts through:
 
  • Fundraising: To sustain its ongoing needs for cash, North Korea may obtain crypto-currencies with the aim of converting them to fiat currencies in the short term.
  • Stockpiling: North Korea could accumulate reserves of crypto-currencies with the objective of eventually spending them or converting them into fiat currency at some point in the future.
  • Circumvention: North Korea could use crypto-currencies to pay directly for goods, services and resources that are explicitly prohibited by international sanctions.
Southeast Asia has long been vulnerable to North Korea’s WMD proliferation financing and sanctions-evasion activities, given its proximity to North Korean proliferation networks and the availability of sophisticated trade and finance infrastructure. 
The region is now vulnerable to North Korea’s crypto-currency-enabled activity as well, and important gaps remain.
For example, gaps in local regulatory frameworks could allow North Korea, or other actors, to exploit crypto-currency exchanges and other related platforms. 
 
Since Southeast Asia also features a nascent but burgeoning cryptocurrency industry, local law enforcement agencies will likely require further knowledge and resources to ensure that they can successfully respond to crypto-currency-related criminal activity over time should the local crypto-currency industry continue to grow in scale. 
 
By taking steps such as developing effective regulatory frameworks and leveraging public–private partnership initiatives, countries in the region can mitigate North Korea’s crypto-currency activity successfully.
 
RUSI
 
You Might Also Read
 
The Mysteries Of Crypotocurrencies:
 
 
 
« Cognitive Science Can Explain Why Fake News Works
Deep Learning & Cybersecurity »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Cyberhaven

Cyberhaven

Cyberhaven provides rapid enablement for GDPR and CCPA compliance, streamlined data security and modern risk management.

Swedish Board for Accreditation and Conformity Assessment (SWEDAC)

Swedish Board for Accreditation and Conformity Assessment (SWEDAC)

SWEDAC is the national accreditation body for Sweden. The directory of members provides details of organisations offering certification services for ISO 27001.

Nordic Cyber Summit

Nordic Cyber Summit

Nordic Cyber Security Summit addresses a wide range of technological issues from the IT Security spectrum and also provides a wider perspective from all aspects of the industry.

CorkBIC International Security Accelerator

CorkBIC International Security Accelerator

CorkBIC International Security Accelerator invests in early stage disruptive companies in the security industry including, Cybersecurity, Internet of Things (IOT), Blockchain and AI.

CYBRScore

CYBRScore

CYBRScore is a premium, performance-based cyber skills training and assessment provider that quantifies a user’s ability to defend a network.

Data Privacy Office (DPO) - Belarus

Data Privacy Office (DPO) - Belarus

Data Privacy Office is a company that specializes in privacy and personal data protection, following the highest standards in its sector.

KryptoKloud

KryptoKloud

KryptoKloud offer a suite of Managed Services including Security Monitoring and Incident Response as well as a full portfolio of Compliance, Governance and Audit solutions.

Stratus Technologies

Stratus Technologies

Edge Computing solves the inherent challenges of bandwidth, latency, and security at edge locations to enable IIoT devices and data acquisition.

Drawbridge

Drawbridge

Drawbridge is a premier provider of cybersecurity software and solutions to the alternative investment industry.

Zaviant Consulting

Zaviant Consulting

Zaviant Consulting is a leading data security and privacy consulting firm assisting organizations comply with constantly evolving security frameworks and privacy regulations.

RevealSecurity

RevealSecurity

RevealSecurity's TrackerIQ detects malicious activities in enterprise applications.

WheelHouse IT

WheelHouse IT

WheelHouse IT secures, manages, and advances businesses with innovative, cost-effective IT solutions.

StarLink

StarLink

StarLink is an acclaimed Value-Added Distributor across the Middle East, Turkey and Africa regions with on-the-ground presence in 20 countries including UK and USA.

Infosys

Infosys

Infosys is a global leader in consulting, technology and outsourcing solutions.. Services include IT strategy, technical architecture and operations including cybersecurity.

FTx Identity

FTx Identity

FTx Identity is the world's most advanced age verification technology (AVT) and identity management system.

Cloudbrink

Cloudbrink

Cloudbrink is purpose-built to deliver the industry’s highest performance connectivity to remote and hybrid workers, anywhere in the world.