March 25, 2022

How to follow North Korean hackers

By Jason Bartlett

While the open and public nature of blockchain technology allows for more visibility into online transactions compared to traditional financial institutions, like banks, cryptocurrency exchanges often lack rigorous know-your-customer (KYC) and anti-money laundering protocols that are crucial in curbing cyber-enabled financial crime. North Korean hackers are a prime example of how bad actors can exploit these vulnerabilities to finance illicit activity, such as nuclear weapons development.

As outlined in a new report released by the Center for a New American Security (CNAS), Pyongyang continues to enjoy high overall success in infiltrating cryptocurrency exchanges in order to steal, launder, and liquidate funds for its nuclear weapons programs. The report also provides a snapshot of key policy oversights within the regulatory environment in the crypto space of central stakeholders and countries, such as China, the US, and South Korea, as well as a prospective look into the future of North Korea-led crypto hacks. How can the US strengthen its cyber resilience against these efforts?

The rate by which cryptocurrency and blockchain technology evolves continues to far outpace the rate by which national governments and international institutions are able to regulate and understand it. This is a major vulnerability that North Korean hackers continue to exploit.

The main impetus for this report was linked to common misconceptions surrounding the cyber threat emanating from Pyongyang. North Korea’s lack of access to modern computer hardware within its borders is not related to its ability to successfully execute cyberattacks, intrusions, and other unwanted cyber activity, because these often rely on software, not hardware — a tool that North Korean hackers have become very skilled at developing, trading, and using. While Beijing and Moscow captivate the attention of most democratic governments concerned about pending cyber intrusions, Pyongyang continues to defy miscalculated expectations by successfully employing myriad sophisticated cyberattacks that target new and developing financial technology. As such, North Korea will likely continue to adapt its cybercrime tactics targeting cryptocurrency to circumvent obstacles presented by economic sanctions on more traditional forms of financial activity and commerce.

Read the full article from Inkstick.

  • Podcast
    • October 4, 2022
    A Marshall Plan for Ukraine

    Rachel Ziemba joins NPR's The Indicator From Planet Money to discuss what a Marshall Plan might look like for Ukraine. Listen to the interview from NPR: The Indicator From Pl...

    By Rachel Ziemba

  • Congressional Testimony
    • September 20, 2022
    Under the Radar

    My testimony will address China’s progress in building out alternative payment systems, the strategic implications of growth in China’s alternative payment systems, and recomm...

    By Emily Jin

  • Reports
    • September 19, 2022
    Rewire: Semiconductors and U.S. Industrial Policy

    As the United States considers industrial policy for the first time in decades, it should learn lessons from prior government efforts to shape the semiconductor industry, in t...

    By Chris Miller

  • Commentary
    • The Atlantic Council
    • September 14, 2022
    Sand in the silicon: Designing an outbound investment controls mechanism

    Recent congressional efforts to establish new authorities to regulate outbound investment have revived a long-simmering debate in Washington about the economic and security ri...

    By Emily Kilcrease & Sarah Bauerle Danzman

View All Reports View All Articles & Multimedia