WASHINGTON (Reuters) – The coordinator for the U.N. body monitoring enforcement of sanctions on North Korea said on Wednesday a stepped up focus was needed on cybercrime, which had become fundamental to Pyongyang’s ability to finance its banned weapons programs.
Eric Penton-Voak, of the U.N. Security Council’s Panel of Experts on North Korea, noted that despite the widest sanctions regime ever imposed by the United Nations on a nation state, North Korea had markedly accelerated its missile testing, particularly over the past six months.
“It may be no coincidence that the words cyber and crypto-currency do not actually appear in the U.N. sanctions resolutions,” he told a discussion hosted by Washington’s Center for a New American Security think tank.
Penton-Voak said he believed cyber activity had become “absolutely fundamental” to North Korea’s ability to evade U.N. sanctions to raise money for its nuclear and missile programs, but biannual reports of the experts’ panel had not reflected this as member states had been reluctant to report breaches.
“We rely on U.N. member states to inform us about breaches in order to investigate. But many, many member states are quite cautious about their own cyber capabilities,” he said.
“Victims for their part are often very reluctant to discuss how hacks happened and how extensive they were … I do hope and expect that our reports in the future will rather better reflect the central importance of cyber-enabled financial crime to (North Korea).”
Penton-Voak said North Korean hackers were at the cutting edge of cyber technology, as shown by the recent hack of the Axie Infinity video game.
The United States last week linked North Korean hackers to the theft of hundreds of millions of dollars’ worth of cryptocurrency tied to Axie Infinity.
Ronin, a blockchain network that lets users transfer crypto in and out of the game, said digital cash worth almost $615 million was stolen on March 23.
A post on the official Ronin blog said the FBI had attributed the hack to the Lazarus Group, a hacking entity the Washington says is controlled by the Reconnaissance General Bureau, North Korea’s primary intelligence bureau.
It has been accused of involvement in the “WannaCry” ransomware attacks, hacking of international banks and customer accounts, and 2014 cyber-attacks on Sony Pictures Entertainment.
Washington has been pushing the U.N. Security Council to blacklist Lazarus and freeze its assets, according to a draft resolution reviewed by Reuters last week.
(Reporting by David Brunnstrom; Editing by Alex Richardson)