Three-quarters of South Koreans want nuclear weapons. One variable could decide the rest

On February 21, 2025, hackers from North Korea stole $1.5 billion from a cryptocurrency exchange in less than two hours. The Bybit incident marked the biggest theft in crypto history, and by year’s end, the blockchain data platform Chainalysis reported that groups linked to Pyongyang had taken a staggering $2.02 billion in 2025. With such significant amounts, cryptocurrency has evolved from a mere side venture to a vital source of North Korea’s income, potentially funding missile launches for three to five years at the pace observed in 2022.

During my field research in six North Korean cities in 2019, the country’s resource limitations were evident, reflected in sporadic electricity, decaying infrastructure, and a regulated scarcity of food, fuel, and consumer goods that the regime uses as a means of control. What has shifted since then is not the regime’s desire for weaponry but its enhanced capability to finance it.

That shift carries its sharpest consequences in Seoul, where a record 76.2 percent of South Koreans now favor developing an independent nuclear arsenal, the highest level recorded since the Asan Institute for Policy Studies began its surveys in 2010. Support for a nuclear arsenal is partly fueled by perceptions of a growing alignment among North Korea, Russia, and China. Even when faced with potential international sanctions, the removal of American troops, or the establishment of testing facilities nearby, most South Koreans remain resolute in their support for nuclear weapons. This viewpoint has transitioned from mere opinion to a political reality that any South Korean president must address, yet the means to manage it are dwindling. Notably, the US National Security Strategy released in December 2025 did not mention North Korea at all.

Meanwhile, Washington’s support for civil uranium enrichment and reprocessing, announced in November 2025 under a bilateral agreement, would shorten the time needed for South Korea to transition from a political decision to weapon development.

The situation is clear: growing public demand, increasing technical capabilities, a diminishing American commitment, and an enforcement strategy that has not kept up with the evolving threat. The key question is whether a South Korean president can still identify something concrete to justify exercising nuclear restraint. That something could be a long-term US commitment to stop North Korean cryptocurrency theft and money laundering.

A rationale for restraint. Any South Korean rationale for restraint in terms of nuclear weapons development requires visible, ongoing evidence that the alliance with the United States is effectively diminishing the North Korean threat. South Korea’s nuclear future may hinge less on Kim Jong-un’s willingness to negotiate and more on whether Washington can maintain pressure on the financial channels supporting the weapons program, especially as regards cryptocurrency theft—the one revenue stream America can disrupt independently of Beijing or Moscow.

Trump’s maximum pressure campaign against North Korea during his first term revealed the limits of enforcement. In 2017, over 100 new US Treasury Department sanctions were imposed, coupled with wider multilateral sanctions that restricted Pyongyang’s money-laundering activities and increased the apparent costs of sanctions evasion. However, after the Singapore and Hanoi summits, Trump shifted toward diplomacy and quietly erased enforcement to preserve the negotiating atmosphere. By 2019, the number of new sanctions dropped to 13, leading to the reestablishment of networks; the previously disrupted North Korean financial infrastructure resumed operations. The takeaway: Sanctions alone did not compel Kim to engage in talks.

The 2026 US National Defense Strategy states that South Korea “is capable of assuming primary responsibility for deterring North Korea with critical but more limited U.S. support,” framing this shift as consistent with updating US force posture on the peninsula to prioritize China. This trend was evident as early as 2025, when the Pentagon reportedly considered moving up to 4,500 of the 28,500 American troops currently stationed in South Korea to other places in the Indo-Pacific. Although the move didn’t happen, even the consideration of redeployment signaled a shift. Seoul has pledged to raise defense spending to 3.5 percent of gross domestic product, but conventional burden-sharing does not address the nuclear question. Troop presence is one factor Seoul monitors; consistent enforcement of US sanctions against North Korea’s financial networks is another.

Crypto enforcement methods such as sanctions, asset seizures, and tracking transactions on public blockchain networks can be applied to non-Chinese systems. However, imposing secondary sanctions on Chinese financial intermediaries is more complex: Seoul is working on mending its relationship with Beijing while also seeking assistance from Washington for nuclear submarine fuel, which restricts its ability to target Chinese banks. After deploying the US-operated Terminal High Altitude Area Defense missile system in 2017, Seoul faced repercussions from Beijing, including an estimated $7.5 billion loss in trade and tourism; secondary sanctions against Chinese banks could provoke a similar result. This highlights the necessity for baseline crypto enforcement methods, such as tracking transactions on public blockchains, freezing assets at regulated exchanges, and blacklisting wallet addresses, which can be implemented without Beijing’s involvement.

Reining in revenue. North Korea generates its income through three main revenue sources, all growing, but only one significantly influenced by the United States. The North’s trade with China reached $2.73 billion in 2025, and North Korean collaboration with both China and Russia is increasing. Around 12,000 North Korean laborers are expected to be sent to Russia’s Alabuga Special Economic Zone to build drones, and construction of a new bridge over the Tumen River at the border between North Korea and China is rapidly progressing. Russian and Chinese revenue streams financed the ballistic missile tests conducted by Pyongyang in January of this year.

While Trump could urge Russian President Vladimir Putin to limit his collaboration with North Korea, Trump’s priority is securing a Ukraine deal, rather than restricting North Korea’s access to Russian resources. Neither avenue—pressuring China on trade, or persuading Russia to limit cooperation—offers Washington a straightforward means of cutting off North Korea’s cash flow.

Cryptocurrency theft is structurally different. A 2024 report by a United Nations Panel of Experts suggested that cybertheft may constitute as much as half of North Korea’s foreign currency earnings. But unlike the revenue streams coming from China and Russia, every crypto transfer is recorded permanently, and much of the infrastructure involved in turning stolen cryptocurrency into spendable currency operates through exchanges and dollar-pegged digital tokens that fall within United States jurisdiction. The Treasury Department’s sanctions office has the authority to blacklist money-laundering nodes without approval from Beijing or Moscow.

The Bybit theft alone represented three-quarters of North Korea’s crypto filching in 2025. That amount of illicit money must navigate through a limited number of channels to be transformed into usable currency, and disrupting even a few of those points significantly impedes the flow. Pyongyang may seek alternative ways to launder the money, but each forced shift increases conversion expenses, reduces processing speed, and risks detection for those involved. These delays accumulate and impact timelines for missile development and centrifuge operations. Reducing crypto theft does more than just cut revenues; it hinders Pyongyang’s progress toward acquiring the next warhead, which influences Seoul’s nuclear strategy.

Closing the loopholes. The US enforcement toolkit has seen some successes, but its legal scope is diminishing. The 2018 Defense Department Cyber Strategy introduced a “defend forward” approach, and Trump’s 2025 classified National Security Presidential Memorandum 13 made it easier to greenlight offensive measures. However, in late 2024, a federal appeals court ruled that the Treasury Department’s sanctions office lacked authority to sanction Tornado Cash, a cryptocurrency mixer that pools and redistributes digital funds to obscure their origin, since its automated code was deemed non-sanctionable property. Treasury removed the mixer from its list in March 2025.

Sanctions on money-laundering services linked to identifiable operators remain intact, but North Korea has increasingly turned to decentralized systems that lack identifiable operators, which are beyond Treasury’s current reach due to the Tornado Cash ruling. Congress has yet to address this loophole.

In November 2025, Treasury’s sanctions office identified eight individuals and two entities connected to North Korean fraud and crypto laundering, including the Korea Mangyongdae Computer Technology Company, indicating that enforcement capabilities are still present. However, this action followed several months of inaction, and subsequent sanctions have been sporadic; enforcement efforts are still largely influenced by diplomatic circumstances rather than a consistent institutional process.

A long-term commitment. North Korea responds faster than temporary measures can keep up. After the Treasury Department’s Financial Crimes Enforcement Network identified Huione Group, based in Cambodia, as a main concern for money laundering in 2025, vendors shifted to smaller guarantee services, and transaction volumes partially bounced back through affiliates. This quick adaptation, however, came with drawbacks for North Korea: The new infrastructure is smaller, less reliable, and more vulnerable to future sanctions. These drawbacks only build up if enforcement remains consistent. When it does not, thieves have time to regroup: For example, North Korean hackers spent six months posing as a trading firm before draining $285 million from the Drift Protocol futures exchange earlier this month. A six-month preparation window would not exist in an environment of consistent enforcement. US-South Korean cyber collaboration resets with each change in leadership, complicating the effort to maintain ongoing pressure.

The issue is not a lack of capability but rather a failure of institutional commitment to apply pressure on North Korean crypto thievery in a way that Seoul can depend on. Implementing a set timetable for pinpointing and blacklisting new money-laundering nodes would compel the Kim regime to continuously adapt, instead of allowing it time to regroup. But the existing US approach lacks a regular process for identifying financial institutions of concern—one that can endure beyond a single administration.

One way to shift from sporadic responses to consistent enforcement would be to establish a Joint US–South Korea Financial Warfare Center, a permanent bilateral entity with its own personnel, budget, and reporting schedule. It would integrate the capabilities of the US Treasury Department, Justice Department, and Cyber Command with South Korean financial intelligence—resulting in joint sanctions, an asset seizure process supported by blockchain tracing, and a quarterly list targeting active laundering operations. The necessary tools are available, but achieving credibility would require predictable delivery to Seoul across multiple American administrations. A joint mandate and specific funding would increase the political costs of reversal by making enforcement a regular practice. The center would operate within the Treasury and Justice Departments, which is where bilateral cooperation is currently weakest.

Although US support could provide Seoul with a latent capability to rapidly develop nuclear weapons, capability alone might not be enough for South Korea’s president to justify continued restraint. Seoul’s willingness to forgo the bomb lasts only if the enforcement system against North Korean cyber-thievery—including sanctions, asset seizures, and blockchain tracking—keeps demonstrating that its alliance with the United States is actively reducing the threat.

Whether Kim decides to negotiate again on security and nuclear issues is beyond the control of South Korea’s allies. But every dollar of stolen crypto that reaches Pyongyang unchallenged is an argument for the bomb in Seoul. Washington has the tools to disrupt that money. The question is whether it will use them before three-quarters becomes a mandate.