Connect with us

Hi, what are you looking for?



UN Experts Investigating 58 Suspected North Korean Cyberattacks Valued at About $3 Billion

U.N. experts are investigating 58 suspected North Korean cyberattacks valued at approximately $3 billion, with the money reportedly being used fund development of weapons of mass destruction.

U.N. experts say they are investigating 58 suspected North Korean cyberattacks between 2017 and 2023 valued at approximately $3 billion, with the money reportedly being used to help fund its development of weapons of mass destruction.

And the high volume of cyberattacks by North Korean hacking groups who report to the Reconnaissance General Bureau, North Korea’s primary foreign intelligence organization, is reportedly continuing, the panel of experts said in the executive summary of a new report to the U.N. Security Council obtained Friday by The Associated Press.

The report covering the period from July 2023 to January 2024 and reflecting contributions from unidentified U.N. member nations and other sources, was sent to the 15-member council as North Korean leader Kim Jong Un has raised tensions in the region. He is threatening to annihilate South Korea if provoked and escalating weapons demonstrations. In response, the United States, South Korea and Japan have strengthened their combined military exercises.

[ Read: New ‘SpectralBlur’ macOS Backdoor Linked to North Korea ]

Amid the increased military and political tensions on the Korean Peninsula, the experts said North Korea “continued to flout (U.N.) sanctions,” further developed its nuclear weapons, and produced nuclear fissile materials – the weapons’ key ingredients.

The experts said a light-water reactor at North Korea’s main nuclear complex at Yongbyon “appeared to be operational.” South Korea’s defense minister said in late December that the reactor would likely be formally operational by the summer, amid suspicions the North may use it as a new source of fissile materials for nuclear weapons.

North Korea has long produced weapons-grade plutonium from its widely known 5-megawatt reactor at Yongbyon. The light-water reactor would be an additional source of bomb fuels, and observers say its bigger capacity could allow it to produce more plutonium. Yongbyon has a uranium enrichment facility as well.

The panel said activities at North Korea’s Punggye-ri nuclear test site “continued.” U.S. and South Korean officials have said North Korea is likely preparing to conduct its seventh nuclear test from the site, which would be the first since 2017.

Advertisement. Scroll to continue reading.

Outside estimates on the size of North Korea’s nuclear arsenal vary, ranging from 20-60 to more than 100. Experts say North Korea can add six to 18 bombs each year. Since his diplomacy with the U.S. collapsed in 2019, Kim Jong Un has repeatedly vowed to build more nuclear weapons and introduce high-tech weapons to cope with what he calls intensifying U.S. hostility.

The panel said that during the six-month period ending in January, the Democratic People’s Republic of Korea or DPRK — the North’s official name — launched at least seven ballistic missiles — one a three-stage intercontinental ballistic missile, one possibly an intermediate-range missile and five short-range ballistic missiles.

After two failed attempts, the DPRK successfully placed a military observation satellite in orbit, the experts said. And a diesel submarine was retrofitted as a “tactical nuclear attack submarine” and added to the North’s military arsenal.

The panel, which monitors U.N. sanctions against North Korea, said the DPRK continues importing refined petroleum products in violation of Security Council resolutions, using “combinations of obfuscation methods” to evade maritime sanctions.

The DPRK’s recorded trade volume in 2023 surpassed the total for 2022, the experts said, including a large variety of consumer goods, “some of which could be classified as luxury items” that are banned by U.N. sanctions.

The panel said it is also investigating reports from member states about the DPRK supplying arms and ammunition in violation of U.N. sanctions.

The United States, Ukraine and six allies accused Russia last month of using North Korean ballistic missiles and launchers in a series of devastating aerial attacks against Ukraine, in violation of U.N. sanctions.

South Korea’s military said in November that it suspected North Korea had sent an unspecified number of short-range ballistic missiles, anti-tank missiles and portable anti-air missiles to Russia, in addition to rifles, rocket launchers, mortars and shells in violation of U.N. sanctions.

During the six-month period, the experts said, “trends include DPRK targeting of defense companies and supply chains, and increasingly sharing infrastructure and tools.”

The panel said it also investigated reports of numerous DPRK nationals working overseas, including in information technology, restaurants and construction, and earning income in violation of U.N. sanctions.

And in another sanctions violation, they said, “The DPRK continues to access the international financial system and engage in illicit financial operations.”

U.N. sanctions are not supposed to hurt ordinary North Koreans, but the panel said “there can be little doubt that U.N. sanctions and their implementation have unintentionally affected the humanitarian situation and some aspects of aid operations.” But it said “their relative role remains impossible to disaggregate from many other factors.”

Related: North Korean Software Supply Chain Attack Hits North America, Asia

Related: New MacOS Malware Linked to North Korean Hackers

Related: North Korean APT Hacks Internet Infrastructure Provider via ManageEngine Flaw

Written By


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn about active threats targeting common cloud deployments and what security teams can do to mitigate them.


Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.


Expert Insights

Related Content

Malware & Threats

The NSA and FBI warn that a Chinese state-sponsored APT called BlackTech is hacking into network edge devices and using firmware implants to silently...


Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet


Ask any three people to define cyberwar and you will get three different answers. But as global geopolitics worsen and aggressive cyberattacks increase, this...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Malware & Threats

Apple’s cat-and-mouse struggles with zero-day exploits on its flagship iOS platform is showing no signs of slowing down.


In a campaign called Volt Typhoon, Microsoft says Chinese government hackers were siphoning data from critical infrastructure organizations in Guam, a U.S. territory in...


Mandiant's Chief analyst urges critical infrastructure defenders to work on finding and removing traces of Volt Typhoon, a Chinese government-backed hacking team caught in...


While cyber eyes are trained on Russia, we should remember that it is not the West’s only cyber adversary. China, Iran, and North Korea...