Specialists from the United Nations are meticulously examining a series of 58 suspect cyber incursions linked to North Korea, spanning from 2017 to 2023, which are believed to have amassed approximately $3 billion in illicit proceeds.
Investigations by UN authorities are underway concerning North Korea’s purported cyber activities, believed to be a lucrative venture for the regime governed by Kim Jong Un.
These inquiries are centered on a sequence of 58 cyber events suspected to have occurred within this timeframe, including notable cryptocurrency breaches. These incidents are thought to be part of efforts to finance the nation’s weaponry advancements.
Reports from a UN committee suggest that the wave of cyber assaults attributed to North Korean operatives, associated with the Reconnaissance General Bureau—North Korea’s leading espionage agency—is persisting.
This investigative period is marked by growing regional tensions, with Kim Jong Un intensifying threats against South Korea alongside increased weapons testing.
In response, the United States, South Korea, and Japan have escalated their collective military drills.
The UN committee has also spotlighted continuous operations at the Punggye-ri nuclear testing site, hinting at preparations for what could be North Korea’s seventh nuclear detonation, marking the first since 2017.
Over a six-month span concluding in January, North Korea is reported to have executed at least seven ballistic missile launches, encompassing an intercontinental ballistic missile and possibly a medium-range missile, alongside five short-range missiles.
Moreover, North Korea marked a significant achievement by successfully launching a military surveillance satellite after two unsuccessful attempts. A diesel-powered submarine has also been modified into a “tactical nuclear attack submarine,” enhancing North Korea’s military prowess.
The committee’s probe further covers the alleged employment of numerous North Korean citizens abroad in sectors like information technology, dining, and construction, thereby generating revenue in contravention of UN sanctions.
North Korea’s continued access to the global financial system and its involvement in unauthorized financial transactions represent further sanctions violations.
Although UN sanctions aim to penalize the regime rather than the general populace of North Korea, the committee acknowledges that these measures have unintended repercussions on humanitarian conditions and aid initiatives. Nevertheless, attributing these impacts solely to sanctions is complex due to various influencing factors.
In an effort to clamp down on North Korea’s cyber warfare, the United States, South Korea, and Japan concurred in December to enhance measures against North Korea’s cyber threats.
This agreement came after a meeting in Seoul among the national security advisers of the three countries, where they discussed new tripartite approaches to tackle North Korea’s cybercriminal acts and the laundering of ill-gotten gains via cryptocurrencies.
This joint effort follows allegations of North Korea’s use of cyber warfare to fund its nuclear and missile programs, as detailed in a recent UN report that sheds light on Pyongyang’s advanced strategies to increase cryptocurrency theft.
Furthermore, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has imposed sanctions on the cryptocurrency mixer Sinbad, accusing it of being a tool for cybercriminal groups like the Lazarus Group to launder stolen funds.
Sinbad now finds itself among the list of cryptocurrency mixers sanctioned by OFAC, joining the likes of Blender and Tornado Cash, due to its use by hacking groups operating under the direction of North Korea’s chief intelligence bureau.