North Korea has been using cyberattacks on banks and cryptocurrency exchanges to steal money and evade financial sanctions, says a new United Nations report.
Hacking to illegally force the transfer of funds have become an "important tool" in the evasion of sanctions for North Korea and has "grown in sophistication and scale" since 2016, according to an expert panel's investigation for the UN Security Council.
The report cites the case of Park Jin Hyok, who has been charged by the US with a host of high-profile cyberattacks, including the $81 million Bangladesh Bank hack. He is accused of involvement in the North Korean government-sponsored hacking team known as 'Lazarus Group' linked to the 2017 WannaCry 2.0 global ransomware attack, the 2016 Bangladesh Bank theft, and the 2014 hit on Sony Pictures Entertainment, among others.
The UN report also cites two 2018 bank attacks that, like the Bangladesh Bank incident, tapped into the Swift messaging system: a $10 million theft from Banco de Chile and a $13.5 million ATM cashout hit on Cosmos Bank in India.
It is not just traditional financial institutions under threat from the North Korean hackers, says the UN panel, which documents at least five successful attacks against cryptocurrency exchanges in Asia between January 2017 and September 2018, resulting in losses of $571 million.
Targeting these exchanges provides North Korea with "more ways to evade sanctions given that they are harder to trace, can be laundered many times and are independent from government regulation," says the report.
The panel recommends that this cyber activity be taken into account when the UN Security Council drafts future financial measures against North Korea. Meanwhile, countries should improve information sharing about possible attacks, both between each other and with financial institutions.