Cyber-hacking as a Means of “Self-reliance”

Cyber-hacking as a Means of “Self-reliance”

North Korea’s Ransomware-based Cyber-hacking for Economic Gains in the Absence of Regulations on Cryptocurrencies in Global Finance

Author: June Park


This policy paper was published in collaboration with The Wilson Center Hyundai Motor-Korea Foundation Center for Korean History and Public Policy and the National Committee on North Korea as a part of the "Understanding North Korea" roundtable series. This paper reflects the views of the author alone and not those of the National Committee on North Korea, the Wilson Center, or any other organizations. 

As the pandemic unfolds and the digital economy expands, one of the biggest changes to North Korea’s capacity to enable “self-reliance” is its hacking mechanisms in cyberspace. The DPRK has engaged in various kinds of illicit activities – including drug production and tobacco counterfeiting to obtain foreign exchange to overcome chronic trade deficit and current account deficit – in the decades preceding multilateral and unilateral sanctions. In the last decade, it has developed domestic talent in computer skills and built an army of hackers focusing on data breach and cryptocurrency theft. The inability of existing sanctions to keep up with and punish North Korea’s illicit activities in cyberspace enabled this shift, leaving the task of assessment largely to the expertise of cybersecurity firms. 

This policy paper is divided into three parts: first, it scrutinizes the evolution of North Korea’s cryptocurrency thefts by ransomware attacks for bitcoins, followed by money laundering. The second part is on sanctions, whereby the paper examines the actions taken for recourse in the form of unilateral sanctions by the U.S. Treasury and other U.S. institutions under Trump and Biden, due to the difficulty of addressing the issue multilaterally. The third part on empirical findings suggests that the ‘self-reliance’ that North Korea has stressed at the 8th Congress of the Worker’s Party is a recurring strategy that is currently built on exploitation of loopholes in current financial sanctions by planting ransomware, but not necessarily obtaining private keys or exploiting smart contracts. The fourth part addresses the recent crackdowns on cryptocurrencies by the U.S. to sanction ransomware under the Biden administration. Lastly, the final section concludes with policy recommendations that suggest a focus on targeting ransomware attacks by reverse hacks/attacks and digital asset freezes upon determination of perpetrators of digital financial crime. 

About the Author

Dr. June Park is a 2021-22 Fung Global Fellow of the Princeton Institute for International and Regional Studies at Princeton University. She is a political economist by training and works on trade, energy, and tech conflicts with a broader range of regional focuses not just on the U.S. and East Asia, but also Europe. She studies economic pressures and conflicts, analyzing different policy outcomes based on governance structures – domestic institutions, leaderships, and bureaucracies that shape the policy formation process. Her current work pertains to post-pandemic geoeconomic conflicts in data governance and technology.

About the "Understanding North Korea Roundtable Series"

The Understanding North Korea roundtable series is a joint program of the National Committee on North Korea and the Wilson Center’s Hyundai Motor - Korean Foundation Center for Korean History and Public Policy. The roundtable series was established to enable emerging scholars of North Korea to share their research ideas with peers and experts in the field, and to publish their findings in a format accessible to a general audience.