Skip links

That Asian meal you eat on holidays could launder money for North Korea

If you dine out at an Asian restaurant on your next holiday, the United Nations thinks your meal could help North Korea to launder money.

That bitter tidbit is detailed by the United Nations Panel of Experts dedicated to assessing the Security Council’s sanctions against The Democratic People’s Republic of Korea (DPRK, aka North Korea) in its annual report [PDF].

The report finds that North-Korea-run eateries can be found in China, Laos, Thailand, and Russia. Not all offer Korean food – some specialize in Japanese or other cuisines. China alone houses 65 such restaurants.

Some of the eateries are clearly staffed by North Koreans, whose lousy Mandarin is a giveaway in China. Others have only a couple of North Koreans on staff. Few of the DPRK citizens in the food trade have the correct visa – or a visa at all.

We mention the restaurants because the UN reckons they collectively help the DPRK to launder $700 million a year. Much of the rest of the report details where that cash comes from: the many crypto heists and freelance tech workers who funnel their wages home to Pyongyang, maybe after first using the privileged access they gain working on your systems to do nasty things.

The UN report relies on infosec specialists for its assertions about DPRK infosec activities, and gives them credence by revealing the Security council is investigating “58 suspected cyber attacks by the Democratic People’s Republic of Korea on cryptocurrency-related companies between 2017 and 2023, valued at approximately $3 billion, which reportedly help to fund the country’s development of weapons of mass destruction.”

Seventeen of those attacks took place in 2023 – a year that the UN thinks saw North Korea get its hands on $750 million of other people’s crypto.

The Expert Panel thinks some of the DPRK’s activities could be curtailed with stricter compliance activities and international info-sharing.

Among its suggestions are some basic infosec practices – like adopting multi-factor authentication and zero-trust principles.

The Panel also wants UN member states to “consider establishing systems for reporting and sharing Democratic People’s Republic of Korea-related cyber threat information with the cryptocurrency industry and private sector.” The latter have been told it’s a good idea to “review information released by Member States and cyber security companies regarding Democratic People’s Republic of Korea-linked virtual currency addresses and be vigilant in guarding against transactions directly with, or derived from, those addresses.”

Another UN target is “all cryptocurrency platforms and protocols – including decentralized and centralized exchanges, bridges, instant exchange services, mixers and privacy protocols” – as the Panel feels that if those players “implement appropriate anti-money-laundering and know-your-customer programmes and establish procedures and enhanced monitoring and detection mechanisms” they’re a chance of preventing the DPRK’s crypto scheme from succeeding.

While that would be a welcome outcome, the report also details myriad other schemes North Korea uses to evade sanctions – including laundering the identity of ships used to bust sanctions, joint ventures companies that help it to move money, and many more besides.

Indeed, the report runs to 615 pages – such is the extent of the DPRK’s sanctions-evading activities. ®