Crypto assets stolen by North Korea’s elite hacking groups and used to fund illicit weapons programs may soon be tracked and frozen by the South Korean government as it gears up to submit a new bill.
According to several South Korean government sources who spoke to Korea JoongAng Daily, officials have been working on legislation for 10 months that aims to “track and neutralize virtual coins and other cryptocurrency assets stolen by the North through hacking,” according to one insider. It has already gone through a round of revisions to include “practical measures to bolster national security” at the order of president Yoon Suk Yeol, several said.
One higher-up who asked to remain anonymous told the outlet that the bill will reflect the president’s concerns that “the country’s cybersecurity framework urgently needs repair” after it was “allowed…to fall into ruin in order to avoid offending North Korea” under its last administration.
According to the South Korean National Intelligence Service, North Korea makes about 650,000 hacking attempts every day in South Korea alone. In April, a group of lawmakers condemned North Korean leader Kim Jong Un’s organised cybercrimes.
“You are turning your country into a giant crime ring, thieving and threatening the safety of other countries,” they said in an open letter read outside the North Korean embassy in the UK.
Alongside a plan to monitor and seize North Korean crypto, South Korea’s new bill will also include the creation of a national cybersecurity committee directly under the president’s control. It will be able to “ban the manufacture, import and sale of the products that interfere with cybersecurity,” according to one anonymous official.
North Korea has made a pretty crypto penny by hacking organizations and individuals over the years. According to Chainalysis, the country has racked up over $3 billion in digital heists. Its missile program has been funded roughly 50% by these cyberattacks, the US deputy national security adviser Anne Neuberger stated last year.
The methods used by government-backed hacking groups are growing more sophisticated. In July, government-backed group Labyrinth Chollima was found responsible for a cyberattack on US-based tech company JumpCloud in an attempt to gain access to its clientele of crypto firms. This method, known as “supply chain attacks” wherein service providers are infiltrated in order to access its wealthy customers, has become a well-honed specialty for North Korean hacking groups.