top of page

Do sanctions work? North Korean hackers say no

Erin Jory | East Asia Fellow

With the dramatic rise of cyberespionage in recent years from North Korean hackers, security analysts and international policymakers have begun to question the effectiveness of economic sanctions in curbing North Korea’s non-compliance with international law.

For decades, North Korea has drawn international condemnation for its human rights violations and development of nuclear weapons. The international community, led by the United Nations Security Council, has pursued economic sanctions in response to these ongoing behaviours. UN Security Council Resolutions since 2006 have targeted a range of critical sectors, included energy, arms and military equipment, and restricted scientific cooperation with North Korea.

Whilst these sanctions have hampered North Korea’s economic recovery, the regime’s tendency to prioritise the Party over the people has meant that sanctions are felt most by ordinary families, rather than the elites who are the intended targets. A recent UN report reveals that nearly 4,000 people died in 2018 because of delays of materials such as medical equipment coming into North Korea caused by the sanctions.

In recent years, however, such sanctions have been undermined by the failure of some countries to enforce them. In 2018, for instance, the International Security Council found that at least fifty-six countries had violated UN measures to enforce sanctions on North Korea. While some countries and businesses have been found purposefully evading these restrictions, many have done so inadvertently.

But a key reason for the ineffectiveness of sanctions has been the ability of the North Korean regime to bypass them through a highly-sophisticated program of cyberespionage. According to the testimony of a North Korean defector, North Korean students who excel in math and science are targeted for enrolment into a program at Pyongyang’s elite schools, with the aim of preparing them for a role in North Korea’s cyberattacking apparatus. This involves the students being sent to China or Russia to further develop their hacking skills.

Indeed in 2013, Kim Jong Un reportedly said, “if we have strong information technology and brave warriors like the Reconnaissance General Bureau, we will be able to break any sanctions and have no problem building a strong and prosperous country”. Today, North Korea’s cyberwarfare capabilities are amongst the best in the world second only to Russian intrusion groups and ahead of the Chinese, with a cyber army of about 6,000 hackers.

The rise of North Korean cyber-attacks is particularly alarming for the international community due to the regime’s nuclear capability and its history of non-compliance with international law. Korean peninsula specialist, Geoffrey Cain, asserts that while cyber-hacks do not kill, “as a threat it’s more upfront than nuclear can be used covertly and secretly to steal secrets, shut down an electrical grid. Hackers can mess with markets, mess with financial institutions, sell off assets”.

When Sony released a trailer for “The Interview” in 2014, a satire about an assassination attempt on North Korean Supreme Leader Kim Jong-un, North Korean hackers attacked Sony and leaked sensitive information about the studio and its employees.

North Korea has also pursued a strategy of cyber-theft. In 2015-16, Pyongyang launched a wave of attacks on the Society for Worldwide Interbank Financial Telecommunication banking network (SWIFT), rupturing banking systems from Chile to India, and generating hundreds of millions of dollars for the regime. North Korean hackers have since shifted their attention to cryptocurrencies. Using blockchain technology, Pyongyang has amassed around $670 million in both foreign and virtual currency through cyber-theft between 2015 and 2018.

North Korea’s efforts to improve its cyber capabilities also stem from a perceived low risk of retaliation. North Korea benefits from a low-level of internet penetration, and has only two internet service providers. In this way, North Korea’s lack of IT infrastructure provides a defensive mechanism against counterattacks – a defence not available to countries that are becoming increasingly reliant upon IT infrastructure for vital industries such as energy and health.

Current trends in cyber development suggest that nation-state backed hackers are likely to continue cyberespionage campaigns as more countries look to utilise this unregulated space. Pakistan, for instance, recently began a hacking operation known as the Gorgon Group in an effort to collect databases that could be useful to its national interests. Vietnamese hackers known as Ocean Lotus similarly targets foreign diplomats and foreign-owned companies inside of Vietnam.

Due to its geopolitical location, North Korea’s retaliation threatens the peace and security of the entire East Asian region. Whilst cyber-attacks are just one of the security challenges created by North Korea’s efforts to generate revenue while bypassing international sanctions, unless experts and policymakers begin to recognise the potential damage of state-sponsored cyber-attacks, North Korea will remain one of the most destabilising actors in East Asia.

Ultimately, the ineffectiveness of sanctions in containing North Korea calls for a reassessment of the means used to restrain recalcitrant states. Whilst the international community has typically expressed more concern for nuclear weapons, the rise of state-sponsored cyber-attacks highlights the necessity for increased investment in cyber capacities. As more countries attempt to test this unregulated space, the containment of North Korea as a model for other state-sponsored hackers will be especially critical for the protection of peace and security of the international community.

Erin Jory is the East Asia Fellow for Young Australians in International Affairs


bottom of page