A UN expert panel concludes that North Korean hackers have stolen billions of dollars worth of cryptocurrencies over the years, with some of these proceeds flowing directly into the country's missile and nuclear program. This cyber activity serves as an important component of North Korea's strategy to raise money and fund its military programs.
Recent incidents highlight the scale of these operations. Preliminary indicators suggest a very sophisticated state actor, likely North Korea's Lazarus Group, was behind the theft of about $290 million in ethereum from Kelp DAO over the weekend, according to technology company Layer Zero. The theft from Kelp DAO is reported to be the largest crypto theft so far this year. The Lazarus Group is also accused of a series of high-profile crypto thefts, including last year's theft of digital assets worth $1.5 billion from the crypto exchange Bybit.
Preliminary indicators suggest a very sophisticated state actor, likely North Korea's Lazarus Group.
Internationally, North Korea is recognized as a serious cyber threat. The United Kingdom views North Korea as a serious cyber threat, alongside China, Russia, and Iran, as one of the four main actors, according to James Sullivan, Cyber Director of RUSI. According to experts cited in major media, North Korea is one of the most active actors worldwide in cyberspace. US authorities regularly warn about North Korean hacker groups, particularly the Lazarus Group, which is believed to be responsible for several large-scale cyberattacks.
Patterns in North Korean cyber targeting show a focus on financial gains. North Korean hackers are particularly active in attacks on cryptocurrency platforms, according to international security authorities and analysts. James Sullivan, Cyber Director of RUSI, notes that North Korea has targeted critical infrastructure in the past to achieve financial gains.
This cyber activity occurs against a backdrop of isolation and sanctions. North Korea is militarily isolated and economically sanctioned, as reported by major media. The exact amount of cryptocurrency stolen by North Korean hackers in total over the years remains unclear, and the specific military programs funded by these proceeds are not publicly detailed. Additionally, the full extent of North Korea's cyber capabilities and infrastructure, as well as the effectiveness of international sanctions in curbing its operations, are ongoing concerns for global security.