Did North Korea use cyberattack money to buy nuclear weapons?

Authors of UN report claim North Korea stole $2bn through cyberattacks and used it to bolster its weapons programmes.

North Korea flag waving in Russia April 2019
A panel that monitors United Nations sanctions on North Korea presented a report to the UN's Security Council detailing how the country used up to $2bn to continue building its nuclear programmes [Alexander Khitrov/Reuters]

North Korea has generated an estimated $2bn for its weapons of mass destruction programmes using “widespread and increasingly sophisticated” cyberattacks to steal from banks and cryptocurrency exchanges, according to a confidential United Nations report seen by Reuters on Monday.

Pyongyang also “continued to enhance its nuclear and missile programmes although it did not conduct a nuclear test or ICBM [intercontinental ballistic missile] launch,” said the report, which was sent to the UN Security Council’s North Korea sanctions committee by independent experts monitoring compliance over the past six months.

The North Korean mission to the UN did not respond to a request for comment on the report, which was submitted to the Security Council committee last week.

The report said North Korea “used cyberspace to launch increasingly sophisticated attacks to steal funds from financial institutions and cryptocurrency exchanges to generate income”. The country also used cyberspace to launder the stolen money, the report said.

“Democratic People’s Republic of Korea cyber actors, many operating under the direction of the Reconnaissance General Bureau, raise money for its WMD [weapons of mass destruction] programmes, with total proceeds to date estimated at up to two billion US dollars,” the report said.

North Korea is formally known as the Democratic People’s Republic of Korea (DPRK). The Reconnaissance General Bureau is a top North Korean military intelligence agency.

The independent experts addressing the UN said they are investigating “at least 35 reported instances of DPRK actors attacking financial institutions, cryptocurrency exchanges and mining activity designed to earn foreign currency” in some 17 countries.

The experts also said North Korea’s attacks against cryptocurrency exchanges allowed it “to generate income in ways that are harder to trace and subject to less government oversight and regulation than the traditional banking sector”.

The Security Council has unanimously imposed sanctions on North Korea since 2006 in a bid to choke funding for Pyongyang’s nuclear and ballistic missile programmes. The Council has banned exports including coal, iron, lead, textiles and seafood, and capped imports of crude oil and refined petroleum products.

United States President Donald Trump has met with North Korea leader Kim Jong Un three times, most recently in June, when he became the first sitting US president to set foot in North Korea at the Demilitarized Zone (DMZ) between North and South Korea.

Trump and Kim Jong Un agreed to resume stalled talks aimed at getting Pyongyang to give up its nuclear weapons programme. The talks have yet to continue, and in July and early August, North Korea carried out three short-range missiles tests in eight days.

When asked about the UN report, a United States Department of State spokeswoman said, “We call upon all responsible states to take action to counter North Korea’s ability to conduct malicious cyber activity, which generates revenue that supports its unlawful WMD and ballistic missile programmes.”

The UN report was completed before last week’s missile launches by North Korea, but noted that “missile launches in May and July enhanced its overall ballistic missile capabilities”.

The independent experts who wrote the report said that despite the diplomatic efforts, they found “continued violations” of UN sanctions.

“For example, the DPRK continued to violate sanctions through ongoing illicit ship-to-ship transfers and procurement of WMD-related items and luxury goods,” the UN report stated.

Source: Reuters