North Korea may have confirmed the worst fears of cryptocurrency regulators by hacking crypto exchanges and financial institutions in at least 17 countries to fund its nuclear program.

United Nations (UN) experts have compiled a detailed report, according to a story in the South China Morning Post, outlining their investigations into 35 state-sanctioned cyber attacks in 17 countries, that netted North Korea as much as $2 billion.

Money Laundering

In a summary report that was leaked last week and seen by Reuters, the UN experts said that hackers operating under the direction of North Korea’s Reconnaissance General Bureau, used cyberspace to launch “increasingly sophisticated attacks to steal funds” and also used cyberspace to launder the stolen money.

It added that the hackers used “low risk, high yield” methods, often only needing a laptop computer to carry out their attacks. It detailed three ways in which the hackers were able to operate:

  • Attacking through the SWIFT global money transfer system, by gaining access to bank employee computers
  • Theft of cryptocurrency through attacks on both exchanges and users of those exchanges
  • Mining of cryptocurrency as a source of funds for a professional branch of the military

Who Was Hit

The more detailed report, published on Tuesday, reveals that South Korea was the hardest hit of the victim countries with 10 attacks, followed by India with three. 

Bangladesh and Chile each suffered two attacks, while 13 other countries were victims of one attack each: Costa Rica, Gambia, Guatemala, Kuwait, Liberia, Malaysia, Malta, Nigeria, Poland, Slovenia, South Africa, Tunisia and Vietnam.

Among the details on the institutions hit by the attacks, South Korean crypto exchange Bithumb was one of the worst hit, being attacked at least four times: two attacks in February 2017 and July 2017 each saw losses of about $7 million; in June 2018 the exchange lost $31 million and an attack in March 2019 led to a $20 million loss.

Possible Responses

Global financial regulators will be dismayed that the targeted attacks on crypto exchanges and banks have circumvented market rules on the use of cryptocurrencies for money laundering and funding terrorism and will likely call on crypto exchanges to tighten up their security measures.

The panel that compiled the report were investigating the cyber attacks as part of a wider probe into violations of UN sanctions.

It also discovered North Korea’s successful evasion of sanctions on coal exports, imports of refined petroleum products and luxury items. Meanwhile, it also discovered that a department store in Pyongyang is part of the Taesong Group which includes two divisions under sanction and has been linked to procurement for the country’s missile programs.

The panel – reporting directly to the UN Security Council – recommended measures against seven ships for evading UN sanctions