Kim Jong-un promised to stop testing nuclear bombs and intercontinental ballistic missiles. He shook hands with President Donald Trump in Singapore in June 2018. The vague agreement that came out of that summit has produced nothing concrete. Pyongyang launched two missiles last Tuesday. Another test is scheduled within two weeks.
Those launches violate United Nations resolutions. They also make plain what the regime is doing with the money it steals. A confidential UN Security Council report received August 26, 2019, lays out the scale. North Korea has stolen roughly $1.6 billion through cyber-attacks on cryptocurrency exchanges and banks. The funds go straight to weapons programs — nuclear and ballistic missile development — in direct violation of international sanctions.
This is not a one-off heist. The UN report submitted to the North Korea sanctions committee details 35 separate cyber-attacks. Each used sophisticated malware, custom-built to siphon foreign resources from financial institutions. The targets were crypto-forex exchanges and traditional banks. The stolen money moved through complex networks designed to avoid detection. Untraceable accounts in jurisdictions with weak regulations received the funds.
Digital theft is only part of the picture. Financial consultants are also investigating illegal ship-to-ship transfers. These operations allow North Korea to bypass restrictions on oil and other goods. The proceeds from both avenues — cyber theft and sanctions evasion — directly support Pyongyang’s weapons ambitions.
The stakes are concrete. North Korea is financing a nuclear and ballistic missile program with stolen money. The regime shows no sign of stopping. The two missiles launched last Tuesday are proof. The scheduled test within two weeks is more proof. The Singapore summit produced a vague agreement. The Hanoi summit in February 2019 collapsed without a deal. Talks are stalled. Promises are broken.
Meanwhile, the hackers keep working. The UN report describes a systematic campaign. North Korean operatives deploy custom-built malware and extraction programs. They target exchanges and banks. They move the money through complex networks. They hide the proceeds in jurisdictions with weak regulations. The scale is $1.6 billion. That is not a rounding error. That is real money, funding real weapons, posing a real threat.
The international community has imposed sanctions. The UN has passed resolutions. None of it has stopped North Korea from testing missiles or stealing money. The regime is committed to advancing its military capabilities despite diplomatic efforts. The Singapore summit produced a handshake and a vague agreement. The Hanoi summit produced nothing. The missiles keep flying. The cyber-attacks keep happening.
What is genuinely at risk is straightforward. A country with nuclear weapons and ballistic missiles is using stolen money to build more. It is bypassing sanctions through ship-to-ship transfers. It is stealing from financial institutions using sophisticated malware. The UN report makes clear this is not amateur work. These are 35 documented attacks. The funds are being used to violate international law.
The diplomatic track is stalled. The military track is accelerating. The cyber track is profitable. That is the situation. The report is a warning. Whether anyone acts on it is another question.
