North Korea using cyberattacks to advance nuclear weapons, UN warns
Experts at the United Nations have accused North Korea of modernising its nuclear weapons by flouting UN sanctions, using cyberattacks to help finance its programmes, and continuing to seek material and technology overseas for its arsenal.
In its investigations, the panel found that North Korea-linked cyber actors continued to conduct operations in 2020 against financial institutions and virtual currency exchange houses to generate money to support the country’s nuclear and ballistic missile programmes. Furthermore, in its weapons development, the experts say, Kim Jong Un’s government has also produced fissile material – an essential ingredient for producing nuclear weapons – and maintained its nuclear facilities.
The panel added: “It displayed new short-range, medium-range, submarine-launched and intercontinental ballistic missile systems at military parades. It announced preparation for testing and production of new ballistic missile warheads and development of tactical nuclear weapons… and upgraded its ballistic missile infrastructure.”
The Security Council has imposed increasingly tough sanctions on North Korea since its first test explosion of a nuclear device in 2006. It has also banned most of the country’s exports and severely limited its imports as a way to pressure Pyongyang into abandoning its nuclear and ballistic missile programmes.
But the report’s summary and some key findings and recommendations indicate that North Korea remains able to evade sanctions and develop its weapons and to illicitly import refined fuels, access international banking channels, and carry out “malicious cyber activities”.
The panel says in the new report that it investigated “malicious” activities by the Reconnaissance General Bureau – North Korea’s primary intelligence agency, which is on the UN sanctions blacklist – including “the targeting of virtual assets and virtual asset service providers, and attacks on defence companies”.
They add that the nation continues to launder stolen cryptocurrencies, especially through over-the-counter virtual asset brokers in China, to acquire fiat currency which is government-backed, like the US dollar. The panel said it is currently investigating a September 2020 hack against a cryptocurrency exchange that resulted in approximately $281m (£204m) worth of cryptocurrencies being stolen, and transactions on the blockchain indicating the $281m hack is related to a $23m (£17m) second hack in October 2020.
“Preliminary analysis, based on the attack vectors and subsequent efforts to launder the illicit proceeds strongly suggests links to the DPRK,” the experts said, using the initials of the country’s official name, the Democratic People’s Republic of Korea.
According to one unnamed country, North Korea also continues to generate illegal revenue by exploiting freelance information technology platforms using the same methods it does to access the global financial system – false identification, use of virtual private network services, and establishing front companies in Hong Kong, the panel said.
North Korea’s arsenal escalated to a major threat to the US following tests in 2017 that included a detonation of a purported thermonuclear warhead and flight tests. Such tests demonstrated that its intercontinental ballistic missiles could reach deep into the US mainland.
A year later, Kim initiated diplomacy with South Korea and then-US President Donald Trump that derailed in 2019 when the US rejected North Korea’s demands for major sanctions relief in exchange for a deal partially surrendering its nuclear weapons capabilities.