Week 7: What can be done about North Korean Cryptocurrency use?

Last week we committed to focus the rest of our project on addressing North Korea’s use of cryptocurrency to evade sanctions.

After deciding this, we found ourselves in need of a map of North Korean cryptocurrency use. We began with a simple diagram of how North Korea attains, holds, and uses cryptocurrencies:

We discussed this mapping with several experts and its general framing seems to hold up. One key point of discussion, however was around the relative magnitudes of each of these buckets. Most people seem to think cryptocurrency mining is unlikely to be a major source of North Korean revenue as the mature coins require more and more processing power to produce marginal returns. Processing power, moreover, requires electricity, which in turn requires fuel. Being in short supply of the latter, mining is likely unfeasible for DPRK. Some cryptocurrencies, like Monero, are designed to reduce the specialized computing advantages of other coins but it still remains likely that mining is not a major source of North Korean revenue (although it can still be useful for laundering pseudonymous coins into more anonymous coins as discussed below).

Additionally, the universe of actors ready to spend or receive cryptocurrency on goods and services is relatively limited. One of our big questions going forward and one we’re not sure we’ll be able to answer is whether North Korea has developed partners willing to accept or send cryptocurrency in exchange for goods and services (such as refined petroleum being acquired through ship-to-ship transfers). More information on this subject would help us prioritize the levying of sanctions on entities facilitating these transactions and the eventual conversion of cryptocurrencies into fiat currencies that likely follows. (It is important to note that North Korea has also received cryptocurrencies in the past as part of ransomware attacks like WannaCry, but these attacks have so far resulted in little actual currency transfers despite their more significant economic damage).

Instead, we are proceeding on a rough assumption that North Korea is primarily attaining cryptocurrency through theft and primarily converting it to fiat currencies through exchanges. We will continue to evaluate both of these conclusions as we proceed.

Our next step was to hypothesize ways the US can interfere with North Korean cryptocurrency use, so we adapted our map:

We quickly received feedback from several interviews that trying to address the general cryptocurrency security practices that North Korea is exploiting is unlikely to be fruitful. Many of the exchanges and wallets North Korea is attacking have little incentive to prioritize security and some of them are engaged in shady practices themselves. While improvements in industry practices around security are important, we are unlikely to greatly influence them at any noticeable scale.

Instead, many of our interviewees directed us to looking at exchanges on the backend, where North Korea is likely exchanging cryptocurrency for fiat currency through some third party. These third parties are influenceable and this led us to our first idea for a potential MVP (and reviving a past MVP): creating a blacklist.

Unlike for our previous blacklist idea, we are not concerned about any run-away effects of legitimate businesses refusing to deal with North Korea in this space because it would be in US interests if North Korea was completely forced out of the cryptocurrency world and into fiat currency transactions for increased transparency. Thus, we propose developing and publishing a black list of exchanges found to have facilitated the exchange of North Korean cryptocurrency for fiat currency to disincentivize others from working with them.

There is an additional complication here, however, as there are multiple reports that North Korea has increasingly used more anonymous cryptocurrencies, like Monero, to launder Bitcoin and other pseudonymous coins to reduce their traceablility. This might undercut the ability of US actors to identify exchanges for listing, although we have heard conflicting things about the difficulty of tracking different cryptocurrencies. This is an area for further investigation.

We also developed an alternate MVP around the idea that US negotiators might find it useful to suddenly ratchet up pressure on North Korean cryptocurrency use at key moments in negotiation. We are still developing ideas around this theory but are considering something roughly like the following:

In order for such a plan to work, we would have to assume the following:

•Bitcoin and other pseudonymous cryptocurrencies are trackable by US Government actors, as long as Monero and more private coins are not usable for laundering transactions •Monero and quasi-anonymous cryptocurrencies are not reliably trackable •51% Attacks are possible at roughly fixed costs as set out here: https://www.crypto51.app/

There are serious disadvantages to initiating a plan like this, however:

•Likely massive public backlash from privacy/cryptocurrency community (mitigatable in part by not using a 51 hold on Bitcoin itself, at the cost of sending a weaker message) •Cost is reasonable for short time frames but susceptible to other actors increasing their mining to raise (mitigatable by publishing that the US gov’t is doing it and only maintaining holds for short, tactical timeframes) •Private actors in space will likely create workarounds and new coins, so effectiveness will be limited in repeated attempts

But we also see some serious potential upsides:

•Potential to completely halt and continuously cripple North Korea’s use of cryptocurrencies •Coordinated effort will likely have increased signaling impact that US is willing to use its capabilities in this sphere •As non-cryptocurrency avenues of restricting North Korean access to currency ratchet up the pressure, they may find themselves more and more reliant on cryptocurrency. Strategically freezing their entire ability to move cryptocurrency may have significant impact on their decision making

Ultimately we are still working on this potential plan of action for suddenly and broadly interfering with North Korean cryptocurrency use. We have heard serious skepticism about the wisdom of such a plan from practitioners in the crypto space, especially as related to the 51% holds. We definitely need to consider these concerns as we proceed.

Interviews this week:

We focused this week on learning from experts in cryptocurrency and cybersecurity about the general framework that underlies North Korea’s actions in this world.

  1. Dan Morehead, CEO Pantera Capital
  2. Donnie Hasseltine, Chief Security Officer, Xenon Ventures
  3. Marc Zlomek, USCG
  4. Chris Painter, Former US Coordinator for Cyber Issues
  5. Joe Grundfest, Professor at Stanford Law School
  6. Lenny Raymond, Partner at Volvox
  7. Adam Meyers, VP for Intelligence
  8. Steve Weinstein, Professor at Stanford University
  9. Jeff Ladish, Former CISO at Reserve
  10. Josh Bernstein, Crypto Investo

Key Learnings:

Learning #1: The theft, rather than mining, of cryptocurrencies has provided DPRK with $500M+ worth of cryptocurrency (mostly Bitcoin).
Learning #2: Insecure cryptocurrency exchanges in ASEAN countries facilitates these practices.
Learning #3: The private sector is unsure how the DPRK has or will convert cryptocurrency holdings to fiat currency or use cryptocurrency to procure resources, which implies the DPRK’s use is not public knowledge within the cryptocurrency community.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s