FILE - Portraits of late North Korean leaders Kim Il Sung and Kim Jong Il sit in downtown Pyongyang, North Korea.
A new United Nations report says North Korea is using internet attacks to steal money to pay for its banned weapons programs.
The report is from a group of experts observing U.N. restrictions on North Korea’s nuclear and missile programs. It was prepared for the U.N. Security Council.
The group said an unnamed government reported that North Korean “cyber-actors” stole more than $50 million between 2020 and the middle of 2021. Cyber describes activities carried out through computers.
The experts said the stolen money was in the form of at least three cryptocurrencies. These are forms of money which exist only online and are not controlled by any country’s central bank. The report said the money was taken from cryptocurrency exchanges in North America, Europe and Asia.
The experts added that the new activity suggests North Korea is changing “to diversify its cybercrime operations.”
An unidentified cybersecurity company said in the document that North Korea stole $400 million in cryptocurrencies in 2021, The Associated Press reported. The report said the activity involved seven attacks on cryptocurrency exchanges and investment companies.
Many methods were used to carry out the cyberattacks, the experts said. These included “phishing lures, code exploits, malware, and advanced social engineering…” Phishing and social engineering often involve using email to get information about targets. Code exploits can be used to find weaknesses in computer software or security. Malware is a computer program designed to break into a computer.
North Korea has long been banned by the U.N. Security Council from carrying out nuclear tests and ballistic missile launches. The U.N. has placed sanctions on the country for repeatedly violating the ban.
The experts said North Korea, also known as the DPRK, has continued to develop its nuclear and ballistic missile programs. January was the busiest month ever for North Korean missile tests.
“Although no nuclear tests or launches of ICBMs were reported, DPRK continued to develop its capability for production of nuclear fissile materials,” the panel said. ICBMs are missiles that can travel long distances and are difficult to follow and stop. Fissile materials — such as uranium or plutonium — can be used to fuel nuclear reactions.
The experts noted that the North Korean missile launches in January used several different technologies. They said North Korea was continuing “to seek material, technology and know-how for these programs overseas, including through cyber means and joint scientific research.”
The group also commented on North Korea’s blockade aimed at preventing the spread of COVID-19. It said the action had resulted in “historically low levels” of people and goods entering and leaving the country. Legal and illegal trade including costly goods had “largely ceased” as a result of the blockade. But the report said that cross-border rail traffic with China had restarted in early January.
Experts have said in the past that North Korea remains able to get around sanctions. The government of leader Kim Jong Un has illicitly imported petroleum products. It has also used international banking channels to carry out illegal “cyber activities.”
North Korea also continues to escape sanctions on shipping activities and hides financial and ownership networks, the U.N. experts said.
One year ago, the group warned that North Korea had modernized its nuclear weapons and ballistic missiles by ignoring U.N. restrictions. It said the country was using cyberattacks to help finance its programs and continued to seek material and technology overseas, including in Iran.
The experts noted that the humanitarian situation continues to worsen in North Korea. But there is nearly a complete lack of information from the country. This makes it difficult to find the “unintended humanitarian consequences of U.N. sanctions affecting the civilian population,” the group said.
Words in This Story
diversify – v. to increase the different kinds of things that you are involved in
phishing – n. the practice of sending emails to people in order to trick them into giving information that could be used in an internet attack
malware – n. a computer program that is designed to damage or break into a computer
ballistic missile – n. a weapon that is shot through the sky over a great distance and then falls to the ground and explodes
sanctions – n.(pl.) actions taken to force a country to obey international law by limiting or stopping trade or cutting economic aid
illicitly – adv. illegally; in a way not permitted or acceptable
unintended – adj. not planned as a purpose or goal
consequences – n.(pl.) something that happens as a result of a particular action or set of conditions