Advancing Trilateral Cooperation to Disrupt Democratic People’s Republic of Korea (DPRK) Cyber-Enabled Revenue Generation

Interagency delegations from the United States, Japan, and the Republic of Korea (ROK) gathered in Washington, D.C. on June 25 and 26 to coordinate responses to the DPRK's cryptocurrency theft, laundering, information technology (IT) worker schemes, and malicious cyber activity at the Trilateral Diplomatic Working Group on DPRK Cyber Threats. All three delegations reiterated their commitment to achieving the complete denuclearization of the DPRK and denying the DPRK revenue to support sanctioned activities, including the unlawful development of weapons of mass destruction and ballistic missiles.

Representatives from the United States, the ROK, and Japan expressed concern over cryptocurrency heists perpetrated by the DPRK, and noted reports of incidents including the theft of $290 million from KelpDAO and $285 million from Drift Protocol. Participants committed to increase efforts to expose DPRK cryptocurrency theft and to raise awareness of the threat posed by DPRK actors, including in Europe, Southeast Asia, and Africa. Representatives from all three countries noted the increasing risk posed by DPRK IT workers utilizing AI capabilities and committed to support industry efforts to enhance detection and mitigation of schemes to defraud U.S. and international companies.

Participants reiterated the importance of continued law enforcement cooperation and coordination to strengthen enforcement of international sanctions against the DPRK to prevent malicious cyber activity and illicit revenue generation.

Representatives reiterated the importance of leveraging private sector expertise, and expressed gratitude to Coinbase, Mandiant Threat Intelligence (part of Google Cloud Security), Polymarket, and Upwork for participating in the inaugural private-sector session of the Trilateral Diplomatic Working Group on DPRK Cyber Threats.

Tags