All posts by Morgen Peck

What North Korea Really Wants From Its Blockchain Conference

Post Syndicated from Morgen Peck original https://spectrum.ieee.org/tech-talk/computing/software/north-korea-blockchain-conference

A blockchain conference slated to take place next week in Pyongyang, North Korea, now seems unlikely to go forward as law enforcement agencies in the United States and regulators at the United Nations send a clear message that the transfer of cryptocurrency and blockchain expertise to the DPRK will not go unpunished. The uncertainty surrounding the event comes as fallout from a similar conference in 2019 continues to spread into the new year.

The 2019 conference, which took place last April resulted in the arrest of Virgil Griffith, a U.S. citizen and Ethereum developer who gave a presentation on blockchain technology in Pyongyang after receiving warnings from the FBI not to do so. The Southern District of New York charged Griffith in early January with one count of conspiracy to violate the International Emergency Economic Powers Act. He is now on bail awaiting trial. 

Plans for a 2020 repeat of the conference drew a quick response from the United Nations, which flagged the event as a likely sanctions violation in a confidential report, according to Reuters. The website for the conference has since been taken down. Organizers did not respond to emails asking about the status of the event. However, one of the organizers listed on the website of the 2019 conference, Chris Emms of Coinstreet Partners, responded on the messaging app, Telegram to say he is no longer involved. “I am not involved nor am I organising it whatsoever [sic],” wrote Emms.

With the fate of the event in doubt, experts are now debating whether it would have indeed complicated international efforts to restrict North Korea’s ability to finance its nuclear program. Over the last three years, the regime has proven itself highly proficient at implementing cryptocurrencies, both for criminal and non-criminal activities. Some analysts argue there’s little a developer like Griffiths could teach officials in the North Korean regime about money laundering and sanctions evasion that they don’t already know. 

“I don’t think he was sharing any shocking insights,” says Kayla Izenman, a research analyst at the Royal United Services Institute in London. “It’s pretty obvious that North Korea knows what they’re doing with cryptocurrency.”

According to Izenman’s own research at RUSI’s Centre for Financial Crime and Security Studies, North Korea has successfully used cryptocurrencies as a revenue stream and money laundering tool since at least 2017. In May of that year, North Korea-affiliated hackers deployed the Wannacry ransomware attack that first hit hospitals in the United Kingdom, but went on to circle the globe within five days. The Wannacry worm took computer hard drives hostage but offered victims the chance to recover data in return for bitcoins.

North Korea has sought out other cryptocurrency-related revenue streams as well. One of the most lucrative has been a series of hacking attacks carried out against online exchanges that often hold large sums of cryptocurrency. Izenman’s research indicates that the regime has been especially successful preying on low-security exchanges in South Korea. 

“They’ve actually been wildly successful in what they’ve done and it’s been, I would say, relatively low effort,” says Izenman.

Research indicates that the North Korean regime has also been mining cryptocurrency, either to use in illicit transactions today or to hoard for future use. A report released last week by the cybersecurity firm, Recorded Future, found that North Korea has increased its mining of the cryptocurrency Monero by tenfold since 2018.

Monero is a privacy coin that obscures the identity of users, making it difficult, if not impossible, to track transactions. After Wannacry, hackers exchanged the bitcoin proceeds from that attack into Monero, at which point, investigators lost track of the funds. 

“Following the money is the absolutely key to placing any leverage on the Kim regime,” says Priscilla Moriuchi, an author on the Recorded Future report and a senior fellow at Harvard’s Belfer Center for Science and International Affairs. “Where crypto enters and what exits that chain is absolutely critical.”

As the North Korean regime finds ways to bring in cryptocurrency, it also needs ways to cash out. To do so, it relies on regional cryptocurrency exchanges that operate below the radar. According to Izenman, there are plenty to choose from.

“It’s just a huge weak spot,” says Izenman. “In some places exchanges don’t have to do comprehensive due diligence because there’s no government regulation. In some places they don’t have to do it because the existing government regulation isn’t enforced. And some exchanges just aren’t compliant with regulation. There are so many gaps in the whole system.”

But Moriuchi stresses that there is a broader issue at play. “It’s not just cryptocurrency that has changed the game. It’s the entire weaponization of the internet,” says Moriuchi. “The things that the North Korean state are doing, engaging in the blockchain development, mining cryptocurrency, doing IT work, ripping off gamers, robbing banks. All of these are things that other countries are starting to emulate.”

Why then would a country that is itself host to some of the most expert cyber-criminals in the world need to host a conference about blockchain technology? Izenman suggests the event may serve more as a propaganda tool than technology transfer.

“What they want is the attention from having the conference and being able to fly in Americans and say, “look we have a guy from Ethereum talking to us about crypto and how we can evade sanctions,’” says Izenman. “So I kind of get why, as a U.S. entity, you would be wanting to stop that idea from spreading.”