North Korea is increasingly engaging in illicit cyber activities to secure funds for its ballistic missile and other weapons of mass destruction (WMD) programs, a U.N. expert said Wednesday, highlighting the need to protect poorly regulated areas such as cryptocurrency.
Eric Penton-Voak, coordinator on the Panel of Experts on U.N. Security Council sanctions against North Korea, also said North Korea’s cyber actors must not be underestimated.
“Fundamentally, DPRK’s ability to continue to develop its WMD depends on three things — know-how, specialized equipments and products and, fundamentally, money,” he said in a webinar hosted by the Center for a New American Security, a think tank based in Washington, referring to North Korea by its official name, the Democratic People’s Republic of Korea.
He noted Pyongyang continues to evade UNSC sanctions to procure materials for its WMD programs through a “sophisticated global network of trade representatives with diplomatic status.”
“But fundamental to this procurement network is money, and DPRK is an innovator in finding new sources of illicit income,” said the former British official.
Penton-Voak said the North has increasingly been relying on cyber activities for illicit income since 2017, noting a North Korean hacker group, known as Lazarus, was recently implicated in a US$625 million crypto hack against Axie Infinity, a play-to-earn online game.
“Make no mistake, DPRK hackers are really good,” he added.
In its biennial report to the U.N. Security Council on North Korea sanctions released earlier this month, the U.N. Panel of Experts said the North may have stolen as much as $400 million in cryptocurrency in 2021 alone.
Penton-Voak stressed that at least part of North Korea’s illicit income may be used to finance its nuclear and ballistic missile programs, highlighting the need to regulate or restrict North Korea’s cyber activities, which he said are not currently covered by existing U.N. Security Council resolutions.
“There has been a marked acceleration recently, as you no doubt may be aware, in DPRK missile testing, particularly over the last six months,” he said, adding that the word cryptocurrency does not “actually appear in the U.N. sanctions resolutions.”
Pyongyang staged more than a dozen missile tests since late last year, including seven rounds of missile launches in January alone that marked the largest number of missile tests the country has conducted in any given month.
“Without cash, the DPRK’s WMD program would slow dramatically,” said Penton-Voak.
To this end, the U.N. expert emphasized the need for strong regulations to protect cyberspace.
“We see that DPRK cyber actors always go to the weakest point. They look at non-regulated areas. They look at really interesting and very gray, new areas of cryptocurrency because actually, A, no one really understands them, and B, they can exploit weakness,” he said.
He also highlighted the need for countries, especially the U.S. and South Korea, to work together, noting internationally accepted regulations may not be possible in the near future.
“I think what is required is some best practice, particularly by people who clearly know what they are doing, and the U.S., ROK, on this particular issue, probably know more than anybody,” he said, referring to South Korea by its official name, the Republic of Korea.
“So if they can work out how to work together and then publicize that action, those decisions, then other countries can probably learn from it,” he added.