North Korea used cyberattacks on banks and cryptocurrency exchanges to steal US$2 billion and fund its weapons of mass destruction (WMD) program.
This is one of the findings from a confidential UN report, which also stated that the attacks were "widespread and increasingly sophisticated" and that North Korea had "used cyberspace to launder the stolen money".
Attacking cryptocurrency exchanges allowed North Korea "to generate income in ways that are harder to trace and subject to less government oversight and regulation than the traditional banking sector". Furthermore, "at least 35 reported instances of (North Korean) actors attacking financial institutions, cryptocurrency exchanges and mining activity designed to earn foreign currency" are being investigated across 17 countries.
The actions of North Korea contravene the sanctions imposed on it by the UN Security Council in 2006. These included capping imports of refined petroleum products, and the report found that the "annual cap for 2019 as set by the Security Council of 500,000 barrels of the aggregate amount of refined petroleum transferred to (North Korea) had been exceeded in the first four months of 2019."
Many nations had also failed to impose financial sanctions and North Korea's "financial institutions, including designated banks, maintain more than 30 overseas representatives controlling bank accounts and facilitating transactions," enabling the country to "continue to access the international financial system."
The UN hasn't commented on the report.