Key Learning Moments
- The process of interagency coordination is actually very well structured. An interagency task force employs a unique model to coordinate all actors’ actions: private and public, foreign and domestic, strategic and operational.
- Illegal activity not linked to DPRK makes it harder to detect anomalies and generates a lot of (wasteful and costly) false positives.
- Seemingly the only area that is not mapped well enough is DPRK’s illegal extraction, laundering and spending of cryptocurrencies (mainly Bitcoin).
- The operators on the ground distrust the intelligence passed down to them.
“Nothing on the sea matters if China opens another pipeline.” (OSD Sponsor)
The DPRK, faced with increased international pressure along its physical transportation routes (maritime and land), has resorted to circumventing the sanctions by:
- Employing state-sponsored security professionals, including the Lazarus Group, commonly referred to as APT38 (Advanced Persistent Threat 38), to extract cryptocurrency from wallets, exchanges, etc.
- Rerouting the stolen currency through a mixture of commonly used (US-based) and more obscure (mainly East Asian) exchanges and clearing houses, and gradually converting it to hard currency (USD, EUR, CNY).
- Spending the illegally obtained currency on luxury items, refined petroleum, industrial machines, etc.
Currently, the sanction-enforcement authorities have few tools available to tackle this stream of DPRK financing.
“If you are my private think tank, I want you to figure out a way to stop NK from making money using cyber tools. I want a mechanism that rivals in the cyberspace what we can already do in the physical space.” (An individual experienced with the Interagency Task Force)
Researching the policy vectors that could be applied, along with the ways DPRK currently performs its operations, will form the bedrock of the policy recommendations we will be presenting as our deliverable.
Where we stood and where we stand. How we chose our major.
Throughout the past weeks we have explored several different MVP ideas. Most of them had been abandoned before we committed to the predictive modelling approach.
- Improved blacklists have been proven to give negative value due to the inability to fine-tune the pressure after inclusion on the list.
- Flag state approval reform was ineffective as interdictions don’t actually happen (the US ships come close and photograph suspicious assets).
- Process Improvement turns out to be ineffective due to the presence and efficiency of the interagency task force.
- The Internal Wiki would overlap with solutions currently in existence.
- Improved negotiation toolkit (providing better materials to negotiators) has proven to require access to information beyond our grasp.
Next week we intend to continue working to get a better understanding of the new problem space. We will be trying to learn:
- What the most common vectors of cryptocurrency-related crime are in general and whether there are some distinguishing features DPRK employs.
- How nation-states currently regulate cryptocurrency security and whether there are any mechanisms in use to tackle this kind of crime.
- Who the individuals responsible for enforcement on the US side are (and hopefully talk to them as well).
The key action items are listed below:
The main interviewees are going to be: Stanford Faculty, private sector security professionals, and people with relevant intelligence experience.
Interviews this week
This week’s interviews have been largely divided into three categories:
- Military personnel and analysts who would validate our predictive modelling MVP.
- Specialists in cybercrime and cryptocurrency-based money laundering who would help us better explore this new field.
- Process coordination insiders who helped us validate hypotheses from last week.