1. The governments of the Republic of Korea and the United States held the 6th ROK-U.S. Working Group Meeting on the DPRK Cyber Threats in Washington D.C., the U.S., on March 27-28. In the presence of more than 50 officials from their diplomatic, intelligence, judicial, financial and defense authorities, the two countries shared information on recent illicit cyber activities by North Korea and explored effective ways to counter the threats.

2. As North Korea continues to abuse new virtual asset services and obfuscate its money laundering tactics in attempts to evade monitoring and sanctions of the international community, the two sides resolved to remain vigilant of relevant developments and enhance collaboration to respond to them.

3. The two sides highlighted that close cooperation with the private sector is critical in effectively responding to North Korean crypto heists and money laundering activities. They noted that, through cooperation with private sector partners, a substantial number of North Korean proxy accounts have been blocked on payment service and job-seeking platforms. The two sides agreed to further enhance information sharing with and guidance for private entities such as cryptocurrency service providers, information technology (IT) businesses, and payment service and job-seeking platforms, so that they remain vigilant of the North Korean activities and improve their monitoring and due-diligence measures.

4. The two sides agreed that North Korean hacking groups pose a common threat to the entire world without discriminating targets. They discussed a wide range of measures, such as updating the joint advisory on North Korean cyber threats with the aim to raise international awareness, and strengthening cooperation with the international community including Europe, Southeast Asia, Latin America and the Caribbean.

5. The two sides decided to reinforce diplomatic engagement on the third countries where North Korean IT workers operate to prepare for the possibility of North Korea dispatching new or replacement IT workers overseas in violation of the relevant UN Security Council resolutions, and to ensure that those countries comply with their obligations under the UNSCRs by expelling or repatriating them.

6. The two sides appreciated their respective impositions of the coordinated sanctions on individuals and entities on March 28 for providing assistance to North Korean IT workers or engaging in money laundering, and discussed potential new measures including additional autonomous sanctions against North Korean cyber activities.