Insight by Chainalysis

Countering North Korea, Russia means following the cryptocurrency

Two of the most troublesome regimes in the world – those of North Korea and Russia – differ in many respects. But they have one thing in common, namely the use...

Two of the most troublesome regimes in the world – those of North Korea and Russia – differ in many respects, including size and the ability to project their power. But they have one thing in common, namely the use of cryptocurrencies to help finance certain activities.

In the case of North Korea, also called the DPRK, crypto usage goes beyond paying for things.

“The national security implications of DPRK and their advanced use of cryptocurrency are really unique,” said Derek Claiborne, the director of national security initiatives at Chainalysis.

He pointed out that in 2022, by Chainalysis’s estimate, North Korea was linked to cryptocurrency hacks worth nearly $4 billion. He called that a conservative estimate.

“What’s really unique about the DPRK use of cryptocurrency is their ability to bypass traditional financial networks, and then evade sanctions that have been imposed upon them,” Claiborne said.

He said the North Koreans have developed sophisticated techniques for purloining and exploiting cryptocurrency, in some ways building a mirror capability of Chainalysis’s own.

“We sit at the center of the blockchain,” Claiborne said. “We curate all this data, develop tools, techniques and procedures and sit alongside governments and law enforcement to bring insights.

“But,” he added, “DPRK is doing the exact same things. They have an army of individuals in this space, learning new TTPs [trusted third parties], understanding new tactics and building new technologies like mixers and privacy coins, in order to evade sanctions.”  The result is a seemingly unstoppable way for the country to fund its weapons capabilities.

Privacy coins are designed specifically to make it harder for trackers to detect who is sending currency across networks. Mixers obscure those doing cryptocurrency trades by combining many users and transactions together. Claiborne said international banking and law enforcement groups have started focusing on regulating and developing counters to these technologies.

As for Russia, Claiborne said that the Putin regime used crypto to finance the mercenary forces it sent to Ukraine.

He noted that, even before the war in Ukraine, a high level of intelligence – including data from blockchain analysis – pointed to the Russian government’s intentions.

“Cryptocurrency was right there as one of those tipping points that allowed us to understand the nature of the invasion,” Claiborne said.

Analysis of crypto blockchains yields clues not only to what kinetic armies might do, he added, but also to information and influence operations.

“Cryptocurrency trades have been tied to information and influencing operations throughout Ukraine,” Claiborne said. “We’ve been able to trace the flow of funds tied with the information war campaigns that have allowed us to understand the nature of the battlespace there.”

This type of analysis can similarly help U.S. cyber officials understand the origins of the endless hacking attempts against federal agencies and business in the U.S. by understanding who is paying whom, Claiborne said.

Blockchain analysis, then, is also crucial to developing countermeasures. But “without good data, you’re tilting at windmills and maybe fighting the wrong adversary,” Claiborne said. At Chainalysis he said, “We have some individuals who can see transactions and say, ‘Okay, that’s Russia based, that’s DPRK based.’”

Using Chainalysis-supplied data, Claiborne said officials can develop options for how to proceed, such as seizing funds of terrorists or state-sponsored hacker groups.

He added, “Regulation and international cooperation are all critical in this space.”

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.

Related Stories

    cyber, EPA, Water Contamination Nitrates Oregon

    EPA fosters IT resilience through cloud, integrated teams, automation tools

    Read more
    Getty Images/iStockphoto/cybrainCloud Computing

    CISA directs agencies to find, fix cloud security misconfigurations

    Read more