North Korea made $2bn from cyber crime and spent it on weapons, claims UN

North Korea used to raise funds via counterfeit money, and by producing and distributing amphetamines

The North Korean government has made $2 billion from cyber attacks against foreign financial institutions - and spent the money on its weapons programme.

That's according to an unpublished United Nations report, seen by Reuters, which concludes that the North Korean government has been spending the money generated from cyber attacks on weapons of mass destruction.

The confidential UN report was prepared by a team of independent experts, who submitted it to the UN Security Council North Korea sanctions committee last week.

The authors of the report claimed to have monitored North Korea's compliance over six months and found that it had repeatedly launched sophisticated and widespread attacks to steal funds from overseas banks and cryptocurrency exchanges to support its weapons programmes. The country also used cyberspace to launder the stolen money.

According to the report, the income generated via large-scale cyber attacks against cryptocurrency exchanges is harder to track and is subject to less government oversight than the traditional banking sector.

North Korean threat actors were blamed for the attempted $951 million heist against Bangladesh Bank in 2016, which was only foiled due to the attackers poor spelling and the vigilance of a correspondent bank.

The report claims that many of the North Korea advanced persistent threat (APT) groups operate under the guidance of North Korea's Reconnaissance General Bureau, the top military intelligence agency of the country. Moreover, there are several secretive government entities that based in foreign countries, working under diplomatic cover to procure technonology and equipment for North Korea's weapons programmes.

The report indicated there are currently investigations into about 35 reported instances of cyber attacks conducted by North Korean APT groups against financial institutions and cryptocurrency exchanges in about 17 countries.

North Korea has continued to boost its nuclear and missile programmes in recent months, the experts said, although it refrained from conducting Intercontinental Ballistic Missile launches or a nuclear test.

In 2006, the UN Security Council imposed sanctions on North Korea to check funding for Pyongyang's missiles programmes.

The government of Kim Jong-un and his predecessors have long been involved in international organised crime.

In May, researchers issued a warning over 'ElectricFish' malware that was found to be linked with North Korean hacking group Hidden Cobra, aka Lazarus Group.

Earlier in April, the US Department of Homeland Security and the FBI issued a warning over renewed North Korean state hacking activity. The security experts claimed that they had identified new malware, called HOPLIGHT, which they believed was also linked with North Korean APT group Hidden Cobra.

Last month, a report by security specialists at F-Secure warned that cyber attacks pioneered by groups linked with the North Korean government are now being deployed by other threat actors.