US, Japan, South Korea Strengthen Trilateral Cooperation to Counter North Korea’s Cyber Revenue Networks.

Washington, D.C.:

The United States, Japan, and the Republic of Korea (ROK) have reaffirmed their commitment to intensifying trilateral cooperation against the Democratic People’s Republic of Korea’s (DPRK) cyber-enabled revenue generation, following high-level discussions held during the Trilateral Diplomatic Working Group on DPRK Cyber Threats in Washington, D.C., on June 25–26.

The interagency meeting brought together senior officials from the three countries to coordinate strategies aimed at disrupting North Korea’s illicit cyber operations, including cryptocurrency theft, cyber-enabled financial crimes, fraudulent information technology (IT) worker schemes, and other malicious cyber activities that generate revenue for the regime.

Focus on Disrupting Illicit Revenue

During the discussions, delegates reaffirmed their shared objective of achieving the complete denuclearization of the DPRK by cutting off financial resources used to support its prohibited nuclear weapons and ballistic missile programs. Officials emphasized that North Korea increasingly relies on sophisticated cyber operations to evade international sanctions and finance its weapons development.

The three governments pledged to strengthen cooperation in identifying, exposing, and disrupting cyber-enabled financial networks linked to the DPRK while enhancing coordination among law enforcement agencies and international partners.

Concern Over Cryptocurrency Heists

Representatives expressed deep concern over a series of high-profile cryptocurrency thefts attributed to North Korean cyber actors. Among the incidents highlighted were the reported theft of approximately $290 million from KelpDAO and $285 million from Drift Protocol, underscoring the growing scale and sophistication of DPRK-backed cybercrime.

Officials agreed to expand efforts to expose cryptocurrency thefts carried out by North Korean hackers and raise global awareness of the evolving threat. Particular attention will be directed toward strengthening cooperation with governments and financial institutions in Europe, Southeast Asia, and Africa, regions increasingly targeted by DPRK cyber operations.

AI-Enabled IT Worker Schemes

Delegates also discussed the emerging challenge posed by North Korean IT workers who obtain remote employment with international companies while concealing their identities. Officials noted that these operatives are increasingly leveraging artificial intelligence (AI) tools to enhance deception, bypass identity verification processes, and conduct fraudulent activities more effectively.

Recognizing the growing threat, the United States, Japan, and the ROK committed to supporting industry-led initiatives aimed at improving the detection and prevention of fraudulent employment schemes targeting businesses worldwide.

Enhanced Law Enforcement Cooperation

Participants reiterated the importance of continued law enforcement collaboration to enforce international sanctions against the DPRK. The three nations pledged to deepen information sharing, coordinate investigations, and strengthen efforts to disrupt illicit financial networks supporting North Korea’s cyber activities.

Officials emphasized that stronger international cooperation remains essential to preventing malicious cyber operations and reducing the regime’s ability to generate illicit revenue.

Private Sector Engagement

A significant milestone of this year’s meeting was the inaugural private-sector session of the Trilateral Diplomatic Working Group on DPRK Cyber Threats. Representatives from leading technology and cybersecurity companies participated in discussions alongside government officials, providing expertise on emerging cyber threats and defensive strategies.

The three governments expressed appreciation to Coinbase, Mandiant Threat Intelligence (part of Google Cloud Security), Polymarket, and Upwork for contributing to the dialogue. Officials highlighted the critical role of public-private partnerships in identifying cyber threats, strengthening cybersecurity resilience, and combating North Korea’s evolving cyber tactics.

Growing International Coordination

The trilateral meeting reflects increasing international efforts to counter North Korea’s cyber-enabled financial activities, which have become a significant source of funding for the regime amid extensive international sanctions. By enhancing diplomatic coordination, intelligence sharing, law enforcement cooperation, and collaboration with the private sector, the United States, Japan, and South Korea aim to significantly disrupt DPRK cyber operations and deny the regime access to illicit revenue used to advance its nuclear and missile programs.