United States, South Korea, and Japan Create a Trilateral Council to Combat North Korean Cyber Attacks
Seoul’s presidential office announced on November 6 that the United States, Republic of Korea, and Japan will form a high-level trilateral consultative council in response to escalating North Korean cyber threats. The creation of this group is a direct result of the Camp David summit held in August 2023. The summit, intended to strengthen the trilateral security cooperation between the three states, concluded with three central methods that will raise the trilateral security cooperation “to new heights.” The newly-formed council plans on meeting every quarter, mainly focusing on confronting North Korea’s theft and use of cryptocurrency, as well as its overseas information technology (IT) workers.
According to the United Nations, North Korea set a record for its cryptocurrency theft levels in 2022. Sanctions monitors reported to a U.N. Security Council Committee that North Korea “used increasingly sophisticated cyber techniques both to gain access to digital networks involved in cyber finance and to steal information of potential value, including to its weapons programs.” These monitors further stated that, according to ROK estimations, hackers affiliated with North Korea stole virtual assets worth $630 million in 2022. Considering that the U.N. sanctions monitors estimated in 2019 that North Korea had produced about $2 billion over several years via cyberattacks, it is likely that North Korea’s cyber threats have since intensified.
The U.N. report further claimed that a substantial amount of cyber attacks were perpetrated by groups controlled by North Korea’s primary intelligence agency, the Reconnaissance General Bureau. North Korea has dispatched between 3,000 and 10,000 information technology workers overseas, earning an estimated $3,000 to $5,000 on average each month. As the regulations against North Korean workers overseas intensify following U.N. Security Council Resolution 2397, it is also reported that the North Korean government has been hiring non-North Korean workers to maintain revenue. In October 2023, the United States tracked 17 domains associated with North Korea’s overseas IT missions.
The severity of this issue is highlighted by the fact that North Korea uses the revenue earned via cyberattacks to fund its nuclear and WMD programs. While neighboring countries and the global community have been carefully monitoring North Korean cyber threats, North Korea has been denying all accusations.