North Korea Raises Millions Through Hacking, Smuggling, U.N. Report Finds
North Korea has developed increasingly sophisticated hacking capabilities that have enabled it to steal from financial institutions and cryptocurrency exchanges and evade international sanctions, according to a new United Nations report.
Prepared by a panel of international experts, the report blamed North Korea for a broad range of sanctions-busting efforts through early February, using photos, maps and other information provided by U.N. members to document Pyongyang’s efforts to “flout” Security Council restrictions and obtain hundreds of millions of dollars.
The report supports a view among security experts that North Korea’s hacking operations can be lucrative enough for the cash-hungry regime to help counter sanctions pressure on Pyongyang to abandon its nuclear weapons program.
The regime’s revenue-generating hacking has proven to be “low-risk, high-reward and difficult to detect, and their increasing sophistication can frustrate attribution,” the report said.
In addition, the assessment said that North Korea has had success in more rudimentary smuggling techniques as illicit export of coal increased in 2019, with many of those deliveries going to China on small, ocean-faring barges.
“Self propelled barges of Chinese origin have been engaged in loading coal from Nampo and Taean,” noted the report, which described this as a new smuggling technique.
The report also stated that North Korea has evaded the cap set by the Security Council on the amount of refined petroleum it is allowed to buy. Though much of the smuggling is done through illicit ship-to-ship transfers, an increasing number of foreign-flagged ships have been sailing directly to North Korea’s port of Nampo, the U.N. report said.
The report is expected to be officially released next week in multiple languages. The English-language version inadvertently was posted on the U.N.’s website Friday before being taken down, a U.N. spokesman said.
The Wall Street Journal reviewed a copy of the 267-page assessment. NK News, which reports on North Korean affairs, noted the accidental release in a report Friday. North Korean officials at the country’s U.N. office couldn't be reached for comment.
Much of the period covered by the report predates the onset of the coronavirus pandemic, which many observers say has slowed trade, legal and illicit, with North Korea.
In addition, the report said North Korea has continued its short-range missile tests and continued to make progress despite international sanctions.
North Korea’s missile development effort in 2019, the report noted, “was characterized by its intensity, diversity and coherence.” As a result, it added, the country has demonstrated “the autonomous capacity to produce and launch different types of new solid-propellant short-range missiles” as well as a new submarine-launched ballistic missile.
The panel of experts has previously reported on North Korea’s success in circumventing sanctions, including China’s alleged role in facilitating the smuggling efforts at sea. At the time, China’s foreign ministry said Beijing abides fully with Security Council resolutions.
North Korea’s hacking capabilities are much harder to track and increasingly more important for the regime.
“These attacks have resulted in monetary losses and have provided illicit revenue for the country, in violation of financial sanctions,” the U.N. report noted.
The U.N. report also said that North Korea has engaged in cyberattacks directly targeting the United Nations, including the Security Council. Those attacks, which were detailed by an unidentified U.N. member state, involved the use of spear-phishing emails that pose as file-sharing invitations and direct recipients to a malicious website likely designed to steal passwords and other credentials, the report said.
The findings in the U.N. report echoed an unusual alert issued by the U.S. departments of State, Treasury and Homeland Security earlier this week. That warning noted that North Korea was using an array of different kinds of cyberattacks to enrich itself and support its nuclear weapon and ballistic missile programs.
The interagency warning also accused North Korea of developing a hackers-for-hire system through which it offers talent to other countries or criminal cyber groups in return for payment.
For years the U.S. and other Western governments have blamed North Korea for a string of increasingly brazen cyberattacks, ranging from the 2014 hack of Sony Pictures to a global ransomware attack in 2017. But the reclusive country has increasingly sought to use cyberattacks to generate cash, according to U.S. officials and security experts.
Last month, for example, the U.S. indicted and sanctioned two Chinese nationals accused of helping North Korean hackers launder around $100 million in stolen virtual currency, alleging Pyongyang’s hackers are receiving outside help.
Photo: A North Korean-flagged vessel purportedly conducting a ship-to-ship transfer of coal near the Chinese port of Lianyungang in a photo provided by the U.N. Security Council on July 13, 2019. - UNITED NATIONS/REUTERS
