Cyber security is a threat that the public often overlooks. In the case of North Korea, aggressive military rhetoric overshadows the regime’s growing cybercrime activities over the last decade. North Korea’s cyber capabilities have the potential to disable strategic weapons deployed in South Korea, suggesting that North Korean cyber-attacks are directly connected to traditional North Korean military security threats. The United States and South Korea are the main targets of these cybercrime attacks, with South Korea seeming to face clear risks in both the private and public sectors.

The sociopolitical chasm between Pyongyang and Seoul is often oversimplified as a line between antiquity and modernity. It may seem that South Korea’s digital infrastructure is impervious to North Korean attack, but this understanding is challenged by North Korea’s use of financial cyberterrorism operations, which target the assets of South Korean citizens and institutions. North Korea’s interest in South Korean cryptocurrency can be traced to three factors: ideological warfare, widespread usage, and poor cyber-hygiene practices. In South Korea, citizen support of blockchain technology appears connected to the domestic political tensions regarding government regulations on technology, limiting the ability for policymakers to ensure secure digital behavior.

The Axie Infinity phenomenon is a microcosm of an ongoing cyber-conflict with three adversarial actors: North Korea, South Korean political institutions, and South Korean citizens. As South Korean policymakers wage a war of sanctions against their crypto-dependent constituency, the responsive black-market centers on one commodity: pastel-stylized digital Axolotl. Axie Infinity, an NFT-based online video game developed by Vietnamese studio Sky Mavis, revolves around the virtual trade, battle, and sale of “Axies” - anthropomorphized Axolotl turned digital NFTs. The crypto-game is the most widely used example of “Play-To-Earn” (P2E) gaming. After paying up to US$1,000 in start-up fees, successful players earn an in-game currency pegged to Ethereum, convertible to real-world currency.


Photo Credit: Axie Infinity

Axolotl in Axie Infinity, an NFT-based online video game developed by Vietnamese studio Sky Mavis.

Axie Infinity’s player base extends beyond one million Daily Active Users throughout Southeast and East Asia, many of whom rely on the game as a primary source of income. In response, the South Korean government has attempted to block P2E games like Axie Infinity from the market. Unfazed by government restrictions, gamers gain access to Axie Infinity via VPNs, demonstrating a crucial disconnect between policy and enforcement. South Korean officials often associate their distrust of P2E gaming to a general lack of regulation, but this fear of deregulation operates within a greater security dilemma: North Korean cybercrime. North Korea is notorious for enlisting hackers to create ransomware that targets South Korean gamers’ financial information and cryptocurrency assets. Jason Bartlett writes in The Diplomat that Pyongyang has also taken advantage of Seoul’s loosely-regulated cryptocurrency boom, anonymously targeting cryptocurrency transactions to launder money and disrupt economic productivity.

North Korea’s newfound reliance on crypto-based attacks is also tied to cryptocurrency’s popularity among South Koreans. In January of 2022, blockchain analysis firm ChainAnalysis released a report on North Korean cybercrime that labeled 2021 as the most successful year for hackers on record. The Lazarus Group, Pyongyang’s most prolific hacking collective, has shifted focus from intellectual property attacks to cryptocurrency transactions. ChainAnalysis found that Lazarus Group stole over $400 million in cryptocurrency in 2021, a 40% increase from 2020. These organizations often target individuals through phishing and ransomware.Through cyberterrorism, North Korea seeks to gain new leverage in a globalized conflict. Cryptocurrency's inherent lack of extradition, hyper-fluid currency exchange, and the developing nature work in tandem to allow North Korea to obtain paper currency and launder money via digital channels. The anonymity of digital transactions also allows North Korea to falsely deny connections to covert digital attacks. Then, the illegal funds could be used to boost Pyongyang’s physical military capacity, and according to the UN Security Council, weapons of mass destruction and ballistics programs.

Seoul has built a hyper-competent digital infrastructure, but rampant political corruption destroyed citizens’ intrust the government’s advisories on digital finances, especially when regulations are tightening but implementation standards are unclear. When skepticism translates to low regulatory compliance, the South Korean government may fail to protect civilians from cyber-attacks, but does the South Korean public see North Korean cyber capabilities as the threat that they are?

Through a web survey administered by Macromill Embrain in March 2022, with quota sampling by age, gender, and region, we asked 1,107 South Koreans whether they were more concerned about cyber or nuclear attacks. We found that 47.24% of respondents viewed North Korean cyber-attacks and nuclear weapons as equal threats to South Korea, with similar rates across age groups. Meanwhile, 9.76% of respondents viewed cyber-attacks as a larger threat than nuclear weapons. Broken down by age cohorts, to our surprise, we see greater concern for cyber-attacks among older respondents.


Older cohorts may be more attuned to the risk of cyber-attacks for a couple reasons. One, seeing too many missile deployments could have desensitized the elderly to a possible nuclear attack. Another reason could be a generational information gap on technology, making the elderly less secure in their protection against cyber-attacks.

Despite greater concern about nuclear attack, the average respondent seems to recognize both as a threat. This finding suggests that attention both by the South Korean government and by outside observers have been shortsighted, presenting an opportunity for new policy making regarding cyber regulations and security.

South Korea’s politically adversarial relationship with Axie Infinity and other P2E platforms represents a growing dichotomy between cybersecurity and citizen engagement. As cyberterrorism within the financial sector develops in viability and threat, South Korea’s response to North Korean cybercrime offers a model to the international community. With this understanding in mind, South Korea should combat North Korean cybercrime through three policy objectives: cyber-hygiene promotion, cryptocurrency regulation, and international cooperation.

Promote cyber-hygiene among citizens: Poor cyber-hygiene practices - absent password authentication or unawareness of phishing scams - are not typically a result of teachable ignorance; rather, of a complex web of political disenfranchisement, risky digital behavior and transactions, and the sheer volume of digital financial exchanges. To promote cyber-hygiene, South Korea should work with public and private sector organizations to build system-wide anti-phishing protections, invest in public service campaigns promoting safe digital behavior, and clarify local regulations surrounding cryptocurrency exchanges.

Shift cryptocurrency regulations: The common policy among nations dealing with crypto-based cybercrime is to ban the currencies wholesale, but it does not seem to be a viable option due to their popularity in South Korea. South Korea should lower unpopular taxes on cryptocurrency exchanges, use the resulting political goodwill to further restrict the types of cryptocurrencies accepted under the Korean banking system, and prioritize security checks and oversight within these currencies.

Strengthen international cyber-cooperation: With the U.S. as its strongest ally, Seoul is an epicenter of efforts against cyber-attacks, heading programs like the Global Cyberspace Peace Regime and The Seoul Conference on Cybersecurity. The government should further promote global cooperation by pursuing strategic relationships with nations that house cybercrime organizations, recruiting and training international cybersecurity workers, and engaging strategically with non-anonymous cryptocurrency entrepreneurs. It must also engage in information sharing with other countries, specifically the United States.

With cryptocurrency seeping into politics, all major economies must be aware of the impact of cyberattacks when making plans of economic development. With the public becoming concerned about North Korean cybercrimes, South Korean policymakers should advocate for tighter security regulations that protect both the private and public sectors.

Christian Butterfield is an honors undergraduate researcher and writer at Western Kentucky University, majoring in Creative Writing and International Affairs. His work has been published in North American Review, Kenyon Review, and the Student Conference on U.S. Affairs.

Brooklind Norman is a recent alumna from Western Kentucky University, with majors in International Affairs, Political Science, and Chinese.

Timothy S. Rich is a professor of political science at Western Kentucky University and director of the International Public Opinion Lab (IPOL). His research focuses on the domestic and international politics of East Asia.

READ NEXT: South Korea: How Did the Pardon of Park Geun-hye Affect the Election?

TNL Editor: Bryan Chou, Nicholas Haggerty (@thenewslensintl)

If you enjoyed this article and want to receive more story updates in your news feed, please be sure to follow our Facebook.