Earlier this month, one of the world’s largest cryptocurrency exchanges, FTX, collapsed. While the sudden implosion of FTX sent shockwaves through the cryptocurrency industry, its demise also has implications for North Korea’s ability to continue to exploit weaknesses in the virtual asset ecosystem.
Due to the Kim Jong Un regime’s self-imposed isolation during the pandemic, North Korea has struggled to acquire the hard currency needed to fund its weapons programs and trade deficit. In pursuing a zero COVID strategy, North Korean exports shriveled to only tens of millions of dollars during 2020 and 2021, while the regime’s ability to engage in smuggling to evade U.N. sanctions was also hindered.
To compensate for its losses of hard currency, the regime has increasingly turned to the theft of cryptocurrency to fill its coffers. According to Chainalysis, a blockchain analysis firm, North Korea stole around $300 million in virtual assets in 2020 and nearly $400 million in 2021. So far this year, Chainalysis estimates that North Korea has stolen approximately $1 billion in cryptocurrency.
Hacking cryptocurrency exchanges and exploiting DeFi, or decentralized finance, are attractive options to North Korea for a series of reasons. While not fully anonymous, these new tools of finance are largely unregulated. They also use mixers that can obscure the origin of funds on blockchains. Know your own customer and anti-money laundering practices have not been universally adopted by the industry, making it attractive to actors like North Korea looking to avoid detection in the financial system.
DeFi specifically enables North Korean money laundering and hacking. DeFi platforms allow North Korea to exchange less liquid stolen coins for ones that are more easily convertible into cash. They also tend to not follow know your own customer protocols. Additionally, DeFi is particularly vulnerable to hacks due to flaws in its code and open source software that allows the potential hackers to search for vulnerabilities to exploit.
North Korea uses funds stolen and laundered on these platforms to fund its illicit activities. The U.N. Panel of Experts has noted that funds acquired from stolen cryptocurrency “remain an important revenue source” for North Korea and, along with other illicit activities, “directly and indirectly support the country’s weapons of mass destruction and ballistic missile programs.”
Concerns that North Korea utilizes funds stolen from cryptocurrency exchanges for its nuclear weapons and ballistic missile programs are shared by the U.S. government. The Office of the Director of National Intelligence noted in an unclassified report that the stolen funds are “probably [used] to fund government priorities, such as its nuclear and missile programs.” Deputy National Security Advisory for Cyber and Emerging Technologies Anne Neuberger has suggested the stolen funds may provide up to a third of funds for North Korea’s ballistic missile program.
While the focus on North Korea’s weapons programs is understandable, money is fungible and North Korea’s stolen cryptocurrency has also likely helped the regime to finance its trade deficit during the pandemic. In 2020 and 2021, North Korea ran a trade deficit with China of $645 million but stole close to $700 million in cryptocurrency. As North Korea has opened its border for longer periods this year, trade has grown. Imports from China through October rose to $657.4 million, while North Korea’s exports to China grew to $103.4 million. However, the nearly $1 billion in cryptocurrency North Korea has stolen this year is more than sufficient to cover its $554 million trade deficit with China.
On the surface FTX’s demise would seem to have no relation to North Korea’s crypto activities, but because of the regime’s heavy dependence on crypto currency it has three implications.
First and foremost, in a problem shared by all investors in cryptocurrency, FTX’s crash has reduced the value of North Korea’s crypto holdings. Chainalysis notes that North Korea does not immediately cash out all of its holdings and estimates that Ether has become the most common cryptocurrency stolen by North Korea, accounting for 58 percent in 2021. Ether was also the one of the most common cryptocurrencies in North Korea’s Ronin hack earlier this year. Its value was down 20 percent immediately after FTX’s crash and has continued to decline.
It is unclear how significantly FTX’s collapse will impact the value of cryptocurrency as contagion continues to spread. Crypto lender BlockFi has filed for bankruptcy, while Genesis has suspended the origination of new loans and redemptions (regular payments on fixed income products). Gemini has also suspended redemptions on its Earn program. As long as crypto firms continue to face contagion issues from FTX, cryptocurrencies will continue to be under pressure as well.
Second, firms will look to improve their systems. FTX was once one of the most respected crypto exchanges, but it is now known to have been extremely poorly run. Its new head, who also oversaw the dissolution of Enron, described the situation as the worst corporate failure he has ever seen. FTX was essentially run as a personal company with no proper internal bookkeeping or security. To avoid contagion from FTX’s liquidity crisis, crypto firms are already moving to prove their reserves, but will likely also likely look to improve other systems. North Korea has exploited the poor security and processes in the industry, and that should become more challenging over time.
Even if crypto firms do not take steps to improve their internal systems, FTX’s demise is creating greater regulatory scrutiny. Whether existing regulation or more bespoke regulations are developed for the crypto industry, new regulation will require greater internal controls than were seen at FTX and likely exist at most crypto firms. This would also move crypto more into line with the traditional financial system and its regulatory structure, closing some of the loopholes North Korea has exploited to launder money.
All of these changes will likely take time, and the vulnerabilities in open source software may be a permanent feature of the industry, but the scale of the FTX collapse will likely result in the types of corporate and regulatory changes that will make crypto less useful for North Korea.
For a regime that has become dependent on crypto to avoid sanctions and steal hard currency, FTX’s collapse couldn’t be more ill-timed.