Week 7: What can be done about North Korean Cryptocurrency use?

Last week we committed to focus the rest of our project on addressing North Korea’s use of cryptocurrency to evade sanctions.

After deciding this, we found ourselves in need of a map of North Korean cryptocurrency use. We began with a simple diagram of how North Korea attains, holds, and uses cryptocurrencies:

We discussed this mapping with several experts and its general framing seems to hold up. One key point of discussion, however was around the relative magnitudes of each of these buckets. Most people seem to think cryptocurrency mining is unlikely to be a major source of North Korean revenue as the mature coins require more and more processing power to produce marginal returns. Processing power, moreover, requires electricity, which in turn requires fuel. Being in short supply of the latter, mining is likely unfeasible for DPRK. Some cryptocurrencies, like Monero, are designed to reduce the specialized computing advantages of other coins but it still remains likely that mining is not a major source of North Korean revenue (although it can still be useful for laundering pseudonymous coins into more anonymous coins as discussed below).

Additionally, the universe of actors ready to spend or receive cryptocurrency on goods and services is relatively limited. One of our big questions going forward and one we’re not sure we’ll be able to answer is whether North Korea has developed partners willing to accept or send cryptocurrency in exchange for goods and services (such as refined petroleum being acquired through ship-to-ship transfers). More information on this subject would help us prioritize the levying of sanctions on entities facilitating these transactions and the eventual conversion of cryptocurrencies into fiat currencies that likely follows. (It is important to note that North Korea has also received cryptocurrencies in the past as part of ransomware attacks like WannaCry, but these attacks have so far resulted in little actual currency transfers despite their more significant economic damage).

Instead, we are proceeding on a rough assumption that North Korea is primarily attaining cryptocurrency through theft and primarily converting it to fiat currencies through exchanges. We will continue to evaluate both of these conclusions as we proceed.

Our next step was to hypothesize ways the US can interfere with North Korean cryptocurrency use, so we adapted our map:

We quickly received feedback from several interviews that trying to address the general cryptocurrency security practices that North Korea is exploiting is unlikely to be fruitful. Many of the exchanges and wallets North Korea is attacking have little incentive to prioritize security and some of them are engaged in shady practices themselves. While improvements in industry practices around security are important, we are unlikely to greatly influence them at any noticeable scale.

Instead, many of our interviewees directed us to looking at exchanges on the backend, where North Korea is likely exchanging cryptocurrency for fiat currency through some third party. These third parties are influenceable and this led us to our first idea for a potential MVP (and reviving a past MVP): creating a blacklist.

Unlike for our previous blacklist idea, we are not concerned about any run-away effects of legitimate businesses refusing to deal with North Korea in this space because it would be in US interests if North Korea was completely forced out of the cryptocurrency world and into fiat currency transactions for increased transparency. Thus, we propose developing and publishing a black list of exchanges found to have facilitated the exchange of North Korean cryptocurrency for fiat currency to disincentivize others from working with them.

There is an additional complication here, however, as there are multiple reports that North Korea has increasingly used more anonymous cryptocurrencies, like Monero, to launder Bitcoin and other pseudonymous coins to reduce their traceablility. This might undercut the ability of US actors to identify exchanges for listing, although we have heard conflicting things about the difficulty of tracking different cryptocurrencies. This is an area for further investigation.

We also developed an alternate MVP around the idea that US negotiators might find it useful to suddenly ratchet up pressure on North Korean cryptocurrency use at key moments in negotiation. We are still developing ideas around this theory but are considering something roughly like the following:

In order for such a plan to work, we would have to assume the following:

•Bitcoin and other pseudonymous cryptocurrencies are trackable by US Government actors, as long as Monero and more private coins are not usable for laundering transactions •Monero and quasi-anonymous cryptocurrencies are not reliably trackable •51% Attacks are possible at roughly fixed costs as set out here: https://www.crypto51.app/

There are serious disadvantages to initiating a plan like this, however:

•Likely massive public backlash from privacy/cryptocurrency community (mitigatable in part by not using a 51 hold on Bitcoin itself, at the cost of sending a weaker message) •Cost is reasonable for short time frames but susceptible to other actors increasing their mining to raise (mitigatable by publishing that the US gov’t is doing it and only maintaining holds for short, tactical timeframes) •Private actors in space will likely create workarounds and new coins, so effectiveness will be limited in repeated attempts

But we also see some serious potential upsides:

•Potential to completely halt and continuously cripple North Korea’s use of cryptocurrencies •Coordinated effort will likely have increased signaling impact that US is willing to use its capabilities in this sphere •As non-cryptocurrency avenues of restricting North Korean access to currency ratchet up the pressure, they may find themselves more and more reliant on cryptocurrency. Strategically freezing their entire ability to move cryptocurrency may have significant impact on their decision making

Ultimately we are still working on this potential plan of action for suddenly and broadly interfering with North Korean cryptocurrency use. We have heard serious skepticism about the wisdom of such a plan from practitioners in the crypto space, especially as related to the 51% holds. We definitely need to consider these concerns as we proceed.

Interviews this week:

We focused this week on learning from experts in cryptocurrency and cybersecurity about the general framework that underlies North Korea’s actions in this world.

  1. Dan Morehead, CEO Pantera Capital
  2. Donnie Hasseltine, Chief Security Officer, Xenon Ventures
  3. Marc Zlomek, USCG
  4. Chris Painter, Former US Coordinator for Cyber Issues
  5. Joe Grundfest, Professor at Stanford Law School
  6. Lenny Raymond, Partner at Volvox
  7. Adam Meyers, VP for Intelligence
  8. Steve Weinstein, Professor at Stanford University
  9. Jeff Ladish, Former CISO at Reserve
  10. Josh Bernstein, Crypto Investo

Key Learnings:

Learning #1: The theft, rather than mining, of cryptocurrencies has provided DPRK with $500M+ worth of cryptocurrency (mostly Bitcoin).
Learning #2: Insecure cryptocurrency exchanges in ASEAN countries facilitates these practices.
Learning #3: The private sector is unsure how the DPRK has or will convert cryptocurrency holdings to fiat currency or use cryptocurrency to procure resources, which implies the DPRK’s use is not public knowledge within the cryptocurrency community.

Week 4 Customer Discovery

To prepare for week 4 we are hoping to dig up a few more pain points or gain areas that might help us solidify our product-market fit on our mission model canvas. We plan to accomplish this by hitting one last round of North Korean experts, focusing some on economic and market dynamics. We also want to confirm that certain assumptions about who benefits from smuggled petroleum are correct.

We also want to test an idea that came out of an interview regarding the narrowness of the OFAC SDN list and the possibility of providing gains to corporate executives concerned with legal and public relations exposure while also supporting the US lead negotiator by weakening North Korean access to smuggled petroleum products.

Weekly Hypotheses:

  1. Refined Petroleum imported illegally through ship-to-ship transfers is primarily benefiting the North Korean state and not quasi-private black market actors.
  2. The Treasury Department OFAC SDN list is significantly underinclusive of all relevant bad actors and publishing a wider ranging list would reduce North Korea’s access to sanctions evading markets.


We will conduct Customer Discovery interviews to test our hypotheses. We especially hope to pull out of each interview one or two ideas for areas that need attention and possible future MVPs.

Week 3: Moving away from at-sea interdictions

Key Learning Moments

  • We learned that there are very few actual at-sea interdictions performed to enforce refined petroleum import sanctions.
  • We learned that reforming the flag state approval process is unlikely to meaningfully improve refined petroleum interdiction capabilities related to North Korea.
  • There formal US Treasury Sanctions list likely does not include all publicly known bad actors and thus is underinclusive of potential targets.

Experiment Results

An Underlying Assumption for our active hypotheses was disproved.

We had assumed without proving that a significant number of at-sea interdictions were occurring or were predicted to occur related to efforts to curb North Korean refined petroleum imports. We were quickly disabused of this notion across several interviews. Despite some serious at-sea interdiction efforts related to missile and nuclear technologies, at-sea interception of refined petroleum smugglers is incredibly rare (and even when it does occur, it rarely results in a boarding). We also learned that what interdiction do occur are far more likely to be driven by active intelligence rather than a patrolling vessel happening upon an illicit scene.

Hypothesis 2, related to shortening the flag state approval process, was also disproved.

Our vision for eliminating a pain point around flag state approval procedures was undercut by the discovery that at-sea interdictions are rare and are often directed in advance based on active intelligence. Because the model we were working with involved a ship commander having to wait for a convoluted flag state approval process to occur, we thought it was an area for improvement. Now that we realize interdiction missions will usually be planned in advance, there is little likelihood of flag state approval holding up the process.

Mission Model Canvas Impacts

We need to work to better identify our final beneficiaries. We will have a difficult time solidifying any plans if the only person we know we want to benefit is the lead US negotiator. This problem is intertwined for us with identifying what aspect of the problem we want to influence given the wide variety of actors involved with the greater North Korean sanctions effort.

Moving away from at-sea interdictions as our focus changes the networks we expect to be working within to effectuate change. Instead of ship commanders and tactical leads, we may find corporate shipping executives and port authority managers to be more relevant. Similar to our difficulties with identifying beneficiaries without having first solidified which “market” we hope to impact, it is hard to identify future partners or opponents of changes we might make.


We learned early on that focusing on at-sea interdictions was unlikely to be fruitful so we tried to engage a wider network of informed experts to help identify new areas of influence to investigate.

  1. Adam Smith, Former Senior Advisor OFAC
  2. Andrew Moore, Former State Dept
  3. David Debartolo, Former State Dept
  4. Katie Visser, Special Counsel to the General Counsel, Dept. of Defense (on background)
  5. Jeremy Weinstein, Former USUN, Former NSC
  6. Van Jackson, Professor at Victoria University in Wellington, New Zealand
  7. Youngjoo Cho, Aviation and Korean Law Expert, Stanford
  8. Paweł Jabłoński, Department of Strategic Project Coordination, PM Office, Poland
  9. Michał Lewandowski,  OLAF (European Anti-Fraud Office)
  10. Vincent Kor, Maersk International

Week 2.5: Explaining Ourselves

One of the major differences in attacking this problem through the lean launchpad methodology vice traditional hierarchical policy organizations is that we are constantly engaging with a revolving cast of potential customers and beneficiaries instead of having a single stakeholder directing us. This gives us flexibility and access to a more diverse set of viewpoints, but it also means that we can’t take even the most basic assumptions for granted in our discussions. This has led us to realize that it might benefit us to make some of our thought processes more public in order to receive more focused feedback. To that end, we wanted to start this week’s blog post off by revisiting some of our Week 0 and Week 1 work that is directing a lot of our current thinking.

One of the central difficulties to our problem is deciding at what level of generality we can add value to an effort that is already the subject of significant and diverse attention across several agencies and departments. In order to attack this problem, we began by trying to map out the universe of actors in the following graphic:

But even this graphical tool had several assumptions and decision baked into it, so instead of beginning here, we decided to start from scratch and explain our thought processes more comprehensively. Our sponsor, the Office of the Secretary of Defense put forward our problem as one of maritime sanctions enforcement:

“Develop an approach for the Office of the Secretary of Defense to enforce United Nations Security Council international maritime resolutions in order to better compel an end to North Korea’s nuclear weapons program.”

But even this formulation makes some assumptions that we would like to identify, either for further validation or to point out what assumptions we are working from. To accomplish this, we begin with the fundamental block of this class: US National Security Interests. Our goal with this project is to develop a product that will in some small way further US National Security. More specifically, in this case, we are trying to further US National Security by reducing North Korea’s nuclear and ballistic missile capabilities.

Even this basic inference is not without detractors, as some in academia and out have argued that long term national security interests might be better served by wider spread of nuclear weapon capability. Whatever the current state of political science regarding this, we think it safe to accept that reductions in North Korean nuclear and missile capabilities will serve US national security interest based on widespread public concern, political agreement, and policy direction. Our project then, must in some way affect North Korean nuclear and ballistic missile capabilities.

There are two ways that US actors can try to influence North Korean capabilities. First, the US can try to undercut North Korea’s technical ability to develop, maintain, launch, or successfully detonate nuclear weapons and ballistic missiles. This has been an area of intense attention from the US and international community through four main avenues:

The most severe method for addressing threats from North Korea involve direct military action. For obvious reasons, this is not a favored strategy. Perhaps more directly for our work, the resorting to force involves political-strategic calculations that we are unlikely to influence through this project.

A less drastic form of direct action against North Korean capabilities involves “left of launch” methods. Though inherently appealing as a way of undercutting the threat without much cost, covert action in this way is potentially dangerous because of the internal effects if may have on the North Korean regime.. It is hard to trust that left of launch methods will be completely effective because of the complex and increasingly domestic nature of the North Korean program. Regardless of the ultimate appropriateness of a left of launch strategy, we are unlikely to add value to the decisions in that area because they are inevitably intertwined with highly classified sources and methods capabilities that we do not have access to.

A third avenue of addressing North Korea’s ability to harm the US and US allies involves missile defense. There is a long history of debates around the wisdom of deploying missile defense systems to the region. This debate inevitably intersects with great power dynamics involving Russia and China whose own missile capabilities are also affected by any defenses in the region. We also concluded that our ability to add value to US decision making or technology development in this area is low, given the immense technical and strategic complexity of missile defense systems like THAAD and AEGIS and the difficult strategic calculations that must be made, relying on information we are unlikely to have full access to.

The final major way to undercut North Korea’s technical ability to threaten US interests is by restricting its access to resources necessary to its missile and nuclear programs. This has been a major focus of the US and international efforts to curb the North Korean threat, as can be seen in some of the early UN Security Council Resolutions addressing the modern issue, which focused largely on the importation of missile and nuclear technologies. This has been an area of active efforts by the US and allies in the past and continues to be an important tool in addressing the North Korean threat. Our team, however, has tentatively determined that it will not be a major are of investigation for us for three reasons (though we are still validating this decision). First, several of our interviews indicated that there is a lot of internal focus on the enforcement of weapons related sanctions in the intelligence, military, and diplomatic communities and thus we are likely to end up duplicating internal efforts. Second, as we have learned though countless awkward silences and long pauses, these efforts are often highly classified and intertwined with sources and methods; so we are unlikely to have access to enough of the picture to determine where the pain points and inefficiencies are in the current system. Finally, there is some reason to believe the arms-embargo side of North Korean sanctions will become less effective as the North Korean program advances. Successful Nuclear and Ballistic missile testing indicates an increase in domestic competency that is less susceptible to external embargoes. There are still serious questions about their miniaturization efforts that remain untested and thus may still require outside components, but the overall progress of the North Korean program is rapidly diminishing the likelihood that technical component importation will remain a significant obstacle for North Korean capabilities.

This lead our team to investigate the other prong of the equation, how to change the calculations of North Korean decision makers on this issue.

There is a central problem to any effort to change North Korean decision making related to their nuclear and ballistic missile program: They view it as an essential security guarantee against existential threats. Thus, any effort to change their decision calculus must create enough pressure to outweigh an interest as strong as regime survival itself. There are two main ways this might be accomplished: first, by creating a separate threat to regime security that is more immediate than those North Korea seeks to deter through nuclear weapons or second, by decreasing the threat perception of North Korean leadership and offering positive reinforcement to incentivize deescalatory decisions.

This is not an easy task, and the US has few tools at its disposal to change North Korean thinking because of decades of estrangement and the counterbalancing strategic interests of China and Russia. The main mechanism available to the US is sanctions, both through the UN Security Council and unilaterally. There are serious questions about whether sanctions of this sort will ever be effective against North Korea. Despite these serious questions, sanctions represent basically the only public mechanism to influence decision makers short of force and there is evidence they have some significant effect. Most importantly, they are an important ingredient of any overall strategy to change behavior, even if they are unlikely to prove decisive on their own.

The other main mechanisms by which the US might influence North Korean decision making involve limited uses of force to change their threat calculations or covert action. Both of these provide less appealing area of investigation for our team because of limited access to classified information and concerns about ultimate effectiveness. Limited uses of force are practically precluded by North Korea’s immense deterrent capabilities against South Korea. Covert action to influence regimes has a long and sometimes sordid history, but even if it were to be pursued, we would have no access to any of the necessary information to make informed decisions about its use.

Because of this, we have tentatively concluded that sanctions enforcement is a worthwhile way to address the North Korean threat. Even if sanctions are not fully effective themselves, they are a useful supplementary tool and UN Security Council sanctions have the added benefit of engaging the wider international community in a way that does reputational harm not only to North Korean actors but other countries and private actors that might otherwise deal with them. Because of these potential benefits and our relative weaknesses in addressing other areas, we think we can safely focus on effectuating decision-maker influencing sanctions as the focus of our project.

This leads us to look back at the ways in which North Korean decision makers can be incentivized to change their behavior, either through threatening regime security or by reducing threat perceptions and rewarding positive steps. We established seven main methods(though we have not yet determined this list to be exhaustive) to accomplish this goal and grouped them by whether they involve undercutting regime security or deescalation and positive reinforcement.

Decision making around positive reinforcement, whether economic or diplomatic is centered in the highest echelons of US political and diplomatic decision-making. Like covert action, these levers will be difficult for us to use and sanctions enforcement is unlikely to weigh heavily in these areas.

Sanctions do affect the remaining levers of influence, by hurting the North Korean body politic, undermining North Korean military readiness, and restrict the leadership’s ability to win favor with elites. We have tentatively rejected looking into sanctions on luxury goods targeting elites because of concerns about effectiveness in a regime that maintains tight control over even the elite and because of concerns about the efficiency of targeting smuggling of smaller and more easily concealed goods.

Instead, we have focused on sanctions enforcement that directly undermines the North Korea regime’s security either by undermining its conventional military capability or by creating socio-political pressure via the body politic.

We are still exploring the different ways by which we can make a difference through these two ideas, but we can make a few threshold conclusions. First, any restrictions on food imports through sanctions has been widely rejected by the international community on moral grounds. There is some debate, however, as many of the current sanctions restricting North Korean access to dollars and oil might have just as significant of an impact on access to food. Regardless, we have no interest in pursuing purposeful starvation as a method of influencing the regime.

We can also tentatively eliminate looking into restrictions on access to conventional military technology and information warfare as useful areas for further research for similar reasons to our decision not to look into arms control sanctions and covert action above. We are likely to run into similar issues around classification.

This leaves two major mechanisms for us to explore further, both heavily involving UN and US sanctions and their enforcement: restricting North Korean revenue and access to foreign currency and restricting North Korean access to refined petroleum products.

The ability for North Korea to raise revenues and to generate foreign currencies is vital to the regime and has been an ongoing issue of international attention. We are continuing to investigate some of the possible mechanisms to effectuate change here. One key aspect of the problem is trying to disentangle North Korean State actors from quasi-private entities whose interests may diverge from the regime.


It has been readily apparent from the beginning that access to refined petroleum is a key pressure point on North Korea leadership, both because of a need to fuel their military efforts and because of a growing domestic and commercial appetite for taxis, generators, farm equipment, and other diesel and gasoline needing machines. The UN Security Council has thus focused much of its recent import restrictions on refined petroleum and crude oil that North Korea has the capability to refine itself. These sanctions have not proven completely effective, as recent UN reporting has made public, partially because of significant North Korean evasion through at-sea tanker transfers.

This has resulted in and increased focus on addressing the ship-to-ship transfers that North Korea is using to evade the refined petroleum cap. We have began to focus tentatively on this as our primary goal, though there are still some questions we would like to answer about the ultimate utility of spending resources on enforcement of this particular form of sanctions evasion.

There are several vectors that we are investigating to investigate where we might be able enhance US enforcement capabilities around these ship-to-ship transfers. Our continues investigation of this will be detailed more in following blog posts, but we wanted to take the opportunity here to show how we got here, what other areas we are still considering, and what our reasoning was at each step of the process.