N. Korea’s 4Cs: Crypto-Currency-Cyber-Crime

Uploaded on 2019-04-25 in INTELLIGENCE-Hot Spots-North Korea, GOVERNMENT-National, FREE TO VIEW, BUSINESS-Services-Financial, TECHNOLOGY-Key Areas-Blockchain, TECHNOLOGY--Developments

Despite recent diplomatic progress with the US, North Korea remains the world’s most significant weapons of mass destruction (WMD) proliferation threat. Now North Korea has gone to extremes to raise funds and evade international sanctions, recently expanding these efforts to include the exploitation of crypto-currencies such as Bitcoin. 
 
Crypto-currencies likely play only a peripheral role in North Korea’s overall fundraising and sanctions-evasion activity. 
 
However, the sophistication of North Korea’s broader cybercrime operations and its general demand for ongoing financial resources present the risk that its crypto-currency activity could become a sustained security challenge, particularly as international sanctions lead North Korea to seek financial lifelines outside the mainstream sector. 
 
The UN Security Council’s Panel of Experts on North Korea has suggested that crypto-currencies offer North Korea ‘more ways to evade sanctions given that they are harder to trace, can be laundered many times and are independent from government regulation’.
 
In general, North Korea could seek to use crypto-currencies as part of its proliferation financing efforts through:
 
  • Fundraising: To sustain its ongoing needs for cash, North Korea may obtain crypto-currencies with the aim of converting them to fiat currencies in the short term.
  • Stockpiling: North Korea could accumulate reserves of crypto-currencies with the objective of eventually spending them or converting them into fiat currency at some point in the future.
  • Circumvention: North Korea could use crypto-currencies to pay directly for goods, services and resources that are explicitly prohibited by international sanctions.
Southeast Asia has long been vulnerable to North Korea’s WMD proliferation financing and sanctions-evasion activities, given its proximity to North Korean proliferation networks and the availability of sophisticated trade and finance infrastructure. 
The region is now vulnerable to North Korea’s crypto-currency-enabled activity as well, and important gaps remain.
For example, gaps in local regulatory frameworks could allow North Korea, or other actors, to exploit crypto-currency exchanges and other related platforms. 
 
Since Southeast Asia also features a nascent but burgeoning cryptocurrency industry, local law enforcement agencies will likely require further knowledge and resources to ensure that they can successfully respond to crypto-currency-related criminal activity over time should the local crypto-currency industry continue to grow in scale. 
 
By taking steps such as developing effective regulatory frameworks and leveraging public–private partnership initiatives, countries in the region can mitigate North Korea’s crypto-currency activity successfully.
 
RUSI
 
You Might Also Read
 
The Mysteries Of Crypotocurrencies:
 
 
 
« Cognitive Science Can Explain Why Fake News Works
Deep Learning & Cybersecurity »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Phoenix TS

Phoenix TS

Phoenix TS offers world-class management, computer, and IT security certification training courses.

Northwave

Northwave

Northwave offers an Intelligent combination of cyber security services to protect your information.

Avast Software

Avast Software

Avast Software is a security software company that develops antivirus software and internet security services.

European Business Reliance Centre (EBRC)

European Business Reliance Centre (EBRC)

EBRC is a leader in integrated Data Center, Cloud and Managed Services and a Centre of Excellence in Europe in the Management of Sensitive Information.

Torsion Information Security

Torsion Information Security

Torsion is an innovative information security and compliance engine, which runs either in the cloud or your data centre.

NESECO

NESECO

NESECO is an IT security integration and consulting firm providing security products, solutions, support, consulting, and training services.

ResponSight

ResponSight

ResponSight is a data science company focusing specifically on the challenge of measuring risk and identifying changes in enterprise/corporate networks using behavioural analytics.

Identifi Global Recruitment

Identifi Global Recruitment

Identifi Global is one of the UK's leading Cyber Security & IT Recruitment specialists.

Ribbon Communications

Ribbon Communications

Ribbon Communications delivers global communications software and network solutions to service providers, enterprises, and critical infrastructure sectors.

Nardello & Co

Nardello & Co

Nardello & Co. is a global investigations firm with experienced professionals handling a broad range of issues including Digital Investigations & Cybersecurity.

Cirosec

Cirosec

Cirosec is a specialized company with a focus on information security. We carry out pentests & audits and advise our customers in the German-speaking countries on information and IT security issues.

xorlab

xorlab

xorlab is a Swiss cybersecurity company providing specialized, machine-intelligent defense against highly engineered, sophisticated and targeted email attacks.

Censinet

Censinet

Censinet provides the first and only third-party risk management platform for healthcare organizations to manage the threats to patient care that exist within an expanding ecosystem.

CYMAR

CYMAR

CYMAR The “CYBER” Smart Solution to offer sustainability and bring resilience to Global SMART Terminals and protect the supply chain of the World’s economy.

DeXpose

DeXpose

DeXpose is a hybrid dark/deep web monitoring and attack surface mapping platform to help you find compromised data or exposed assets related to your organization way before threat actors.

BlackSignal Technologies

BlackSignal Technologies

BlackSignal Technologies provides cybersecurity, digital signal processing and electronic warfare products to help DOD and IC agency customers counter near-peer threats and security challenges.