N. Korea’s 4Cs: Crypto-Currency-Cyber-Crime

Uploaded on 2019-04-25 in INTELLIGENCE-Hot Spots-North Korea, GOVERNMENT-National, FREE TO VIEW, BUSINESS-Services-Financial, TECHNOLOGY-Key Areas-Blockchain, TECHNOLOGY--Developments

Despite recent diplomatic progress with the US, North Korea remains the world’s most significant weapons of mass destruction (WMD) proliferation threat. Now North Korea has gone to extremes to raise funds and evade international sanctions, recently expanding these efforts to include the exploitation of crypto-currencies such as Bitcoin. 
 
Crypto-currencies likely play only a peripheral role in North Korea’s overall fundraising and sanctions-evasion activity. 
 
However, the sophistication of North Korea’s broader cybercrime operations and its general demand for ongoing financial resources present the risk that its crypto-currency activity could become a sustained security challenge, particularly as international sanctions lead North Korea to seek financial lifelines outside the mainstream sector. 
 
The UN Security Council’s Panel of Experts on North Korea has suggested that crypto-currencies offer North Korea ‘more ways to evade sanctions given that they are harder to trace, can be laundered many times and are independent from government regulation’.
 
In general, North Korea could seek to use crypto-currencies as part of its proliferation financing efforts through:
 
  • Fundraising: To sustain its ongoing needs for cash, North Korea may obtain crypto-currencies with the aim of converting them to fiat currencies in the short term.
  • Stockpiling: North Korea could accumulate reserves of crypto-currencies with the objective of eventually spending them or converting them into fiat currency at some point in the future.
  • Circumvention: North Korea could use crypto-currencies to pay directly for goods, services and resources that are explicitly prohibited by international sanctions.
Southeast Asia has long been vulnerable to North Korea’s WMD proliferation financing and sanctions-evasion activities, given its proximity to North Korean proliferation networks and the availability of sophisticated trade and finance infrastructure. 
The region is now vulnerable to North Korea’s crypto-currency-enabled activity as well, and important gaps remain.
For example, gaps in local regulatory frameworks could allow North Korea, or other actors, to exploit crypto-currency exchanges and other related platforms. 
 
Since Southeast Asia also features a nascent but burgeoning cryptocurrency industry, local law enforcement agencies will likely require further knowledge and resources to ensure that they can successfully respond to crypto-currency-related criminal activity over time should the local crypto-currency industry continue to grow in scale. 
 
By taking steps such as developing effective regulatory frameworks and leveraging public–private partnership initiatives, countries in the region can mitigate North Korea’s crypto-currency activity successfully.
 
RUSI
 
You Might Also Read
 
The Mysteries Of Crypotocurrencies:
 
 
 
« Cognitive Science Can Explain Why Fake News Works
Deep Learning & Cybersecurity »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

High-Tech Bridge

High-Tech Bridge

High-Tech Bridge SA is a Swiss MSSP provider offering security auditing, source code review and computer forensics.

Bsquare

Bsquare

Bsquare DataV software and engineering services help enterprises implement business-focused Internet of Things systems.

Cytelligence

Cytelligence

Cytelligence is a cyber security consulting company with deep expertise in Cyber Breach Response, Cyber Breach Investigations, and Digital Forensics.

UKAS

UKAS

UKAS is the national accreditation body for the UK. The directory of members provides details of organisations offering certification services for ISO 27001.

Converge Technology Solutions

Converge Technology Solutions

Converge Technology Solutions Corp. is a North American IT solution provider delivering advanced analytics, cloud, cybersecurity, and managed services solutions.

DNX Ventures

DNX Ventures

Based in Silicon Valley and Tokyo, DNX Ventures is an early stage VC for B2B startups in sectors including Cybersecurity.

Ultra Electronics

Ultra Electronics

Ultra specialises in providing application-engineered bespoke solutions. We focus on mission critical and intelligent systems in the defence, security, critical detection & control markets.

RegScale

RegScale

RegScale helps organizations comply in real-time with multiple compliance requirements (NIST, CMMC, ISO, SOX, etc), scalable to meet the needs of the entire enterprise.

Tailscale

Tailscale

Tailscale is a VPN service that makes the devices and applications you own accessible anywhere in the world, securely and effortlessly.

Securonix

Securonix

Securonix delivers a next generation security analytics and operations management platform for the modern era of big data and advanced cyber threats.

Cyber Security Council UAE

Cyber Security Council UAE

The Cyber Security Council's vision is to protect UAE cyberspace, maintain confidence in our digital infrastructure and institutions, and build a cyber-resilient society.

CyberSanctus

CyberSanctus

CyberSanctus provide clients with a variety of pentest plans from the entry level starter plan, which is tailored for personal websites, to enterprise level pentests, tailored for large scale business

CaseMatrix

CaseMatrix

Discover a new era of legal intelligence with CaseMatrix. We identify potential class action cases arising from cyber incidents and data breaches.

Technation

Technation

Technation proudly represents the Canadian technology companies that are furthering our nation and the world into the future through innovation, creativity and ingenuity.

Radiant Security

Radiant Security

Radiant Security offers an AI-powered security co-pilot for Security Operations Centers (SOCs). Reinforce your SOC with an AI assistant.

Custocy

Custocy

Custocy is a unique collaborative AI technology that identifies sophisticated and unknown (zero-day) attacks.