Beyond North Korea’s nuclear and military programme lies a dense web of global commercial networks. While most legitimate businesses are unlikely to be directly involved with activities related to North Korea, this report seeks to demonstrate that the potential for becoming involved with commercial entities and interests linked to the country and its leadership remains a threat. The increasing sophistication of North Korea’s methods and the inconsistent implementation of regulations by international agencies and individual countries expose multilateral corporations and global financial institutions to the risk of sanctions compliance.
On 22 March, the Wall Street Journal newspaper reported that the U.S. government was building a case against North Korea, formally known as the Democratic People’s Republic of Korea (DPRK), for its involvement in a USD81 million theft of funds owned by Bangladesh’s central bank.
The incident involved the Belgium-based Swift financial messaging network, which is used by more than 11,000 financial institutions worldwide for communicating and verifying banking and related transactions. On February 2016, hackers breached Bangladesh’s central bank system to send fake payment orders valued at nearly USD1 billion via Swift to an account at the Federal Reserve Bank of New York. While most of the requests were rejected, several transactions valued at USD81 million went through and were transferred to the Philippines before subsequently disappearing into its casinos.
If accurate, the theft of Bangladesh’s funds by North Korea would be the first known case of bank theft by a nation-state in a cyberattack.
U.S. investigators believe that the theft was linked to North Korea and executed with the help of Chinese middlemen. If accurate, the theft of Bangladesh’s funds by North Korea would be the first known case of bank theft by a nation-state in a cyberattack.
Based on findings by cybersecurity firm Symantec Corp., the malware used in the Bangladesh attack was similar to that found in a series of unsuccessful cyberattacks targeting financial institutions in South-East Asia and Poland in the past 12 months. The same software was also used in the November 2014 hack of U.S.-based film studio Sony Pictures; Washington identified Pyongyang-associated hacking group Lazarus as responsible for that attack.
Revelations of such illicit activities turned investigators’ attention towards Swift’s role in linking North Korea to the global financial system. In March 2017, Swift severed its relationships with seven sanctioned and non-sanctioned DPRK banks after coming under pressure from the U.S. government after it was warned its business ties with North Korea potentially violated U.S. laws.
The international sanctions regime against North Korea is now in its 11th year, albeit with limited successes. Annual U.N. reports highlight Pyongyang’s ever-changing tactics to evade sanctions and a list of countries help facilitate its efforts to maintain or gain access to global financial and trading systems and networks. Non-compliant countries and entities include North Korea’s largest trade partner and de facto patron China and the Chinese financial hub of Hong Kong. In Africa, the Democratic Republic of the Congo has repeatedly ignored U.N. pressure, not least by in 2016 inviting the DPRK military to train its armed forces. Namibia has also employed North Korea’s Mansudae Overseas Group in various construction projects, including building a military munitions factory.
While official trade with the DPRK is almost negligible, many South-East Asian countries have permitted North Korean-front companies to operate in their territories for many years.
Further, the assassination of Kim Jong-nam, half-brother of North Korean leader Kim Jong-un, on 13 February in Malaysia’s Kuala Lumpur airport revealed the DPRK’s lesser-known diplomatic relations with South-East Asia. While official trade with the DPRK is almost negligible, many South-East Asian countries have permitted North Korean-front companies to operate in their territories for many years. They include Malaysia, Singapore and Thailand, where North Koreans are involved in a wide range of legal and illicit activities ranging from banking and barter trade to procuring defence equipment.
A recent investigation by Reuters news agency highlighted a number of these transactions, many of which are in violation of international sanctions. For example, Reuters reported that the DPRK intelligence agency allegedly sells military communications equipment under the guise of a Malaysia-registered company called Glocom, in turn controlled by Singapore-based Pan Systems. In addition to its defence-orientated ventures, Glocom is also linked to money-laundering activities in Malaysia, where it is also alleged to have connections with prominent local politicians.
The lack of political will in punishing and enforcing sanctions against North Korea is also evident in the West. About 1,000 North Korean workers are currently employed in Europe, most of them in Poland’s shipyards and farms. Nauta is one such firm. The ship repair yard in the Polish city of Gdynia is certified to work on North Atlantic Treaty Organisation (Nato) warships.
While the hiring of North Korean labour is legal in Poland, the arrangement poses security threats and contradicts national and E.U. labour and human rights laws…