Senior officials from the United States, Japan, and the Republic of Korea convened in Washington, D.C., on June 25–26 for the Trilateral Diplomatic Working Group on DPRK Cyber Threats, aiming to coordinate a unified response to North Korea’s illicit revenue-generating operations. The delegations reaffirmed their shared commitment to the complete denuclearization of the Korean Peninsula and to cutting off the financial streams that fund Pyongyang’s prohibited weapons of mass destruction and ballistic missile programs.
Participants highlighted the scale of recent cryptocurrency heists attributed to North Korean actors, citing the theft of approximately $290 million from KelpDAO and $285 million from Drift Protocol as prime examples. The three nations pledged to expand efforts to expose these thefts and raise global awareness of the threat, particularly across Europe, Southeast Asia, and Africa. Officials also flagged the growing danger posed by North Korean IT workers who are increasingly leveraging artificial intelligence to infiltrate foreign companies, committing to assist the private sector in improving detection and mitigation of such fraud schemes.
The delegations underscored the critical role of sustained law enforcement cooperation in enforcing international sanctions and disrupting malicious cyber activity. They also emphasized the value of private-sector expertise, expressing appreciation to Coinbase, Mandiant Threat Intelligence (part of Google Cloud Security), Polymarket, and Upwork for joining the working group’s inaugural industry engagement session.
