North Korea is Weaponizing Cryptocurrency

The Democratic People’s Republic of North Korea (DPRK) remains the most isolated country globally. The DPRK poses a significant threat to the U.S. and its allies because of its authoritarian leadership under Supreme Leader Kim Jong Un and its unchecked nuclear weapons and ballistic missile program. Additionally, the DPRK uses stolen cryptocurrency to fund its weapons programs.

On May 16, 2022, the State Department, U.S. Treasury Department, and Federal Bureau of Investigation warned about hiring North Korean IT workers, who often ask for payment in cryptocurrency.

In a press release from May 6, 2022, the U.S. Treasury Department said that Lazarus Group, a state-sponsored cyber threat group, had conducted the most significant cryptocurrency theft, worth about 620 million dollars. Lazarus hacked Axie Infinity, the biggest play-to-earn cryptocurrency game. The DPRK used to process 20 million of the stolen funds, which resulted in the U.S. Treasury placing sanctions on the virtual currency mixer.

In April 2022, U.S. citizen and Ethereum developer Virgil Griffith received a 63-month prison sentence for helping North Korea evade sanctions by providing technical advice on cryptocurrency and blockchain technology at an April 2019 conference in North Korea’s capital, Pyongyang.

For this brief, we analyzed how North Korea targets cryptocurrency exchanges and researched Virgil Griffith’s digital footprint using open-source intelligence (OSINT). We identified a pattern of North Korea’s interest in cryptocurrency since 2017 and some concerning social media activity from Mr. Griffith.

North Korea and Cryptocurrency

  • In September 2017, cybersecurity company FireEye, which has since merged with McAfee to form Trellix, reported that state-sponsored DPRK actors targeted South Korean cryptocurrency exchanges from April 2017 – July 2017.
  • In November 2017, Vice News published a report about Pyongyang University of Science and Technology, the only foreign-funded university in North Korea, teaching a class on cryptocurrency. Federico Tenga, an Italian national and the co-founder of Chainside, a cryptocurrency company, taught the class.
  • In December 2017, the National Intelligence Service, South Korea’s equivalent of the CIA, reported that North Korean hackers stole 7 million dollars in cryptocurrency from the exchange, Bithumb.
  • In January 2018, North Korea developed malware to mine Monero, the hardest cryptocurrency to trace. As of the writing of this Overwatch brief, one Monero is currently worth $176.63, and there are 18.1 million Monero coins on the cryptocurrency market.
  • In April 2018, a tourism company, Koryo Tours, announced that North Korea’s cryptocurrency, Koryo, would be available for tourism use.
  • In October 2018, cybercrime research company Group-IB said that North Korean hacking groups were responsible for 65% of cryptocurrency hacks.
  • In March 2019, the UN Security Council published information that North Korea had amassed 670 million dollars of Bitcoin. The UN also said that the DPRK’s cyber-attacks, which include targeting crypto exchanges, resulted in 2 billion dollars for its WMD and ballistic missiles program.
  • In April 2019, U.S. citizen and Ethereum developer Virgil Griffith (The second most popular cryptocurrency globally) spoke at the Pyongyang Blockchain and Cryptocurrency Conference.
  • In March 2020, the U.S. Department of Justice charged two Chinese nationals with laundering 100 million dollars in cryptocurrency for North Korea.
  • In February 2021, North Korean military hackers tried to create a fraudulent blockchain and steal 1.3 billion dollars of money and cryptocurrency.
  • According to Chainalysis, North Korean hackers stole 400 million dollars in cryptocurrency, primarily Ethereum, in 2021.

Our continued research identified a LinkedIn business page titled Pyongyang Startup Incubator. The incubator describes itself as follows, “Built in the glorious Ryugyong Hotel, the Pyongyang startup incubator is the best incubator in the world for startups of all kinds from AR to VR, crypto mining, hardware devices, etc. Please enquire for more information about our specialties and services or to submit an application to be featured.”

Overwatch analysts note that the page is of interest because the North Korean internet is isolated from the rest of the world. However, it was not confirmed that the page belongs to North Korea.

Further, when we visited the website for the incubator, there was no information about the project, only the Ryugyong Hotel.

Virgil Griffith

In January 2019, Mr. Griffith posted to his Facebook page, “I just put down my deposit for going to North Korea on April 18-25. Anyone want to come with? Total cost is 3300 EUR. American citizens allowed. Japan, South Korea, and Israel citizens not allowed.”

Analysts note that Mr. Griffith asked his Facebook followers/friends to come to North Korea during the country’s Blockchain and Cryptocurrency Conference.

Also, in January 2019, Mr. Griffith tweeted from his now-deleted Twitter account, “Getting people to come with me to North Korea for [The Blockchain and Crypto Conference] has been much harder than I thought.”

Four days following the crypto conference in North Korea, Mr. Griffith wrote on Facebook, “If any of my academic/science/tech friends would like to give some lectures on science/technology at the Pyongyang Sci-Tech Complex (North Korea), do let me know. They have reached out to me for recommendations of new people to invite to their country. The time commitment from you would be between 1-3 weeks.”

When a Facebook friend told Mr. Griffith that North Korea is using Bitcoin for illicit purposes, he replied, “Based on what I saw there, I would roll to disbelieve there is significant Bitcoin activity in DPRK. More likely the Russians compromised the machines and hack from there.”

An American with a Ph.D., who will remain anonymous, responded to Mr. Griffith’s post. The American said, “Sh*t, I’d talk about (topological) quantum computers in NK. That would be amazing. I’d be available in August after I finish my PhD.”

Mr. Griffith posted multiple other times about North Korea on Facebook, once suggesting that the DPRK’s social support systems are “probably more complete than Scandinavia.”

Mr. Griffith also had an active YouTube channel, where he posted multiple videos of Nation and Destiny in June 2019. Nation and Destiny are a lengthy series of North Korean propaganda films produced during the reign of Kim Jong Un’s father, Kim Jong Il.


The DPRK will continue to target cryptocurrency exchanges to circumvent sanctions and fund its weapons of mass destruction (WMD) and ballistic missile program. North Korea’s recent 620-million-dollar cryptocurrency theft shows a significant escalation level since its cryptocurrency activity in 2017. The escalation indicates that the state-sponsored Lazarus Group could target an exchange for more than 620-million dollars, directly funding the North Korean state’s illicit activities. We also assess that as North Korea continues to steal cryptocurrency in massive quantities successfully, other rogue states could follow the same illegal model business and use the funding to support their operations.

Mr. Griffith, who pled guilty to helping North Korea evade sanctions, has social media activity indicating that he had no issue teaching North Korea about blockchain technology. Further, his post asking if anyone wants to come to North Korea and offer their expertise suggests that he supports the DPRK at some level, despite its rogue state status and hostile relationship with the United States.

North Korea will continue identifying crypto experts in the West and weaponize that data for further cyber-attacks.

The Growing Demand for Open-Source Intelligence (OSINT)

In the last 17 months, open-source intelligence (OSINT) has become a more widely recognized intelligence discipline. Trends suggest that the need for OSINT, which is data derived from publicly available information (PAI), will grow in the future for government agencies and private companies.

For this Overwatch brief, analysts identified key events where OSINT gained more mainstream attention and how private and public sectors are beginning to recognize the criticality of OSINT.

Key Events

Capitol Riots

Since the Capitol Riots that occurred on January 6, 2021, the FBI has used OSINT to identify individuals involved in criminal activity during this event. Using social media, the FBI continues to ask for the public’s help identifying participants in the riot. Volunteer sleuths have created OSINT-based movements to investigate Capitol Rioters independently. One such group, which calls themselves the Sedition Hunters, has successfully identified many Capitol Rioters and provided that information to the FBI.

In addition, the Department of Justice’s Capitol Breach Investigation Resource Page has a list of every defendant charged in federal court in relation to the Capitol Riot. News media organizations, investigators, and researchers use this data set to conduct further OSINT on Capitol Rioters.

In a previous briefOverwatch used OSINT to identify information about Capitol Rioter Evan Neumann, who fled to Belarus and was granted asylum there. Our open-source research confirmed Neumann’s extensive history in Eastern Europe, interest in “bomb-making,” and business ties to Russia.

Russia-Ukraine War

Before Russia invaded Ukraine on February 24, 2022, many researchers used OSINT to identify Russian troop movements by reviewing videos posted to TikTok, VK (Russia’s version of Facebook), and Telegram. Overwatch found multiple TikTok videos that showed Russian troop movement close to the Ukrainian border or in Belarus’s Gomel Region, where there were no planned military exercises.

While the Russian officials continuously denied plans to invade Ukraine, TikTok videos showed military vehicles and aircraft, weapons systems, and mobile medical units moving closer to the Ukrainian border. Additionally, OSINT was used through satellite imagery to locate field hospitals in Belarus and pontoon bridges.

After Russia invaded, Ukrainians constantly uploaded videos of airstrikes against civilian infrastructure and the Russian military in Ukraine. Analysts used the publicly available data to geolocate where airstrikes took place in Ukraine and identify what Russian military units were in the country.

Private and Public Sector

In 2020, activity from each person online generated 1.7 megabytes of data per second. A significant amount of that data came from social media, with 4.62 billion users globally. Social media by itself is forecasted to be a 939-billion-dollar industry by 2026. Every day, analysts, investigators, and researchers are on social media collecting open-source information to fulfill information requirements for clients in the private and public sectors.

OSINT in the Job Market

quick job search on LinkedIn for OSINT suggests that more private sector companies outside human resources, PI firms, law firms, or security and investigations, some of the industries with the highest OSINT demand, see the need for the intelligence discipline. For example, Live Nation Entertainment, which manages ticket sales for live entertainment in the U.S. and internationally, put up a job posting for a Threat Analyst. One of the primary duties is to “conduct public records and social media searches.”

Another OSINT job in the private sector listed on LinkedIn was for a Crypto Enhanced Due Diligence Analyst, posted by the company Brex. In the ad for the job, one of the responsibilities is to conduct “open-source intelligence to mitigate money laundering and regulatory risks.”

The need for due diligence and compliance also continues to increase; a market expected to grow by roughly 12 billion dollars from its current 16.82 billion dollars by 2026.


Additionally, before the Russian invasion of Ukraine, the U.S. government began to see more value in OSINT. In the Intelligence Authorization Act for the Fiscal Year of 2022, the report suggests using OSINT to counter China’s malign influence. “The Intelligence Community must reorient to engage in a strategic competition with the PRC while countering China’s malign activities globally. To do so, it must continue to build open-source intelligence capabilities and augment capacity; enhance sharing of intelligence capabilities; and strengthen the analytical and collection capabilities relating to non-military threats including technology competition.”

Further, according to Fed Scoop, the U.S. Army is creating a new unit that will use PAI to defend against foreign influence. Fed Scoop reported in March 2022, “By blending military intel with commercial data, publicly available information on foreign adversaries and certain national intelligence systems, it will provide insight necessary for Army Cyber Command to operate and defend networks and influence foreign audiences, the spokesperson added. The team brings together personnel from a wide variety of disciplines across the intelligence and non-intelligence communities.”

Analysts note that creating the new unit will likely prove beneficial. We used OSINT to identify foreign influence from the Chinese state in our first Overwatch brief: Quantum Technology, the People’s Republic of China, and Tsinghua University.

Emerging Technology and OSINT

In a March 2022 interview with Mckinsey and Company, Amy Zegart, a Senior Fellow at the Hoover Institution and Professor of Political Science at Stanford, explained how emerging technologies like AI are challenging intelligence agencies today. These challenges, according to Zegart, all happen in the open-source space.

Zegart said, “They’re doing it in five ways. I call them the five “mores.” The convergence of technology is creating, number one, more threats for the United States—more threats through cyberspace, in particular, that our intelligence agencies need to understand. The second more is more speed: the acceleration of decision-making time means that intelligence has to operate at the speed of networks, not the speed of bureaucracy.”

“The third more is more data; intelligence analysts, like the rest of us, are drowning in data. The fourth more is more consumers—more decision makers outside the government who need intelligence. Think about voters who need intelligence about foreign election interference or tech leaders who need intelligence about cyberthreats.”

“Then there’s the fifth more: more intelligence competitors. I devoted two years and a whole chapter to ‘nuclear citizen detectives’ who are tracking the most secretive nuclear threats around the globe using only unclassified and publicly available information like commercial satellite imagery.”


With the current global conflict and mass adoption of social media, OSINT will become a more mainstream intelligence discipline, helping to dispel misinformation and provide accurate reporting on events. Should the Chinese state invade Taiwan in the future, we assess that analysts will use OSINT to dispel Chinese Communist Party and Chinese State media propaganda, as has been done with the Russia-Ukraine War.

The domestic use of OSINT will grow as private sector companies see a higher demand for due diligence and deep-dive research that alleviates risk for their clients or business. Further, while OSINT has been a part of U.S. government operations since World War II, the success of the usage of OSINT to monitor the Russia-Ukraine War provides a strong use case for the government to put more resources into open-source intelligence.

With internet users creating a massive data trail daily, the need to collect, protect, and analyze that information will only increase. As a result, we assess that both private and public sectors will seek out OSINT subject matter experts to learn more about how their personal data becomes disseminated or compromised and how to limit their digital footprint.

Trafficking and Why Grooming on Social Media is a Major Issue

Human trafficking is a multibillion-dollar industry that includes sexual exploitation and forced labor.  In December 2021, the Biden Administration released The National Action Plan to Combat Human Trafficking. For this brief, Overwatch is focusing on sexual exploitation.

Sex traffickers generate an estimated 99 billion dollars per year globally.  Exact statistics for how many victims of sexual exploitation there are in the United States differ.  Per the Polaris Project, a non-profit, non-governmental organization that combats human trafficking, in 2020, “10,583 situations of human trafficking were reported to the U.S. National Human Trafficking Hotline involving 16,658 individual victims.”

However, according to the U.S. State Department, “It is hard to find reliable statistics related to human trafficking.  The quality and quantity of data available are often hampered by the hidden nature of the crime, challenges in identifying individual victims, gaps in data accuracy and completeness, and significant barriers regarding the sharing of victim information among various stakeholders.”

Sex trafficking is an industry that continues to proliferate, with predators taking advantage of lax monitoring on social media platforms and grooming their targets through online friendships.  For this brief, we identified failures from Facebook in identifying sexually pervasive content and potential exploitation, and we researched how predators target their victims online and build relationships with them.  In addition, we interviewed two subject matter experts on the front lines of this issue.

Facebook (Meta) and Instagram

Facebook, which rebranded to Meta in October 2021, is the most popular platform for traffickers to identify victims and groom them.  Online grooming is when a predator establishes a relationship and trust with their potential victim.  According to McLennan County Sheriff’s Office Detective Joseph Scaramucci, who has worked on the problem set of human trafficking for seven years, Facebook is the “#1 source of grooming for trafficking.”

Scaramucci told Overwatch, “In my experience, Facebook is the #1 source of grooming for trafficking.  There are obviously countless other apps that have chat features, which increases the likelihood that grooming can occur and should definitely be monitored, but overwhelmingly Facebook and Instagram are at the top.”

Scaramucci explained how traffickers use Facebook and Instagram to target their victims.  “Generally, it’s as simple as dialogue, which opens the door to start grooming.  Oftentimes traffickers watch posts made by potential victims to identify potential vulnerabilities, like being in a single-family home, low self-esteem, etc., then start messaging them and acting like the knight in shining armor.”

Jeff Tiegs, who served as a U.S. Army Ranger and Delta Force Operator, is the Chief Operating Officer of All Things Possible Ministries.  Tiegs uses his expertise and experience to counter human trafficking.  Tiegs’ comments provided an additional view of how traffickers operate on social media.

He said, “The ability to recruit and groom victims is at an all-time high.  Facebook.  Instagram.  Snapchat are riddled with predators.  They are all over Minecraft and Roblox.  They use mediums where you can share photos/videos.  They are on Whisper.  They are on Scout.  They are on all the dating sites.”

“A trafficker could be talking to a hundred girls at once and weighing his odds on who he thinks is most vulnerable.  These pimps are using proxy pimps to be a step removed in the targeting.”

Despite Facebook’s policy against pornography and sexual exploitation, analysts identified multiple Facebook groups with suggestive and pornographic material themed around finding a girlfriend and/or strippers, as well as Whatsapp numbers to connect with the people who posted the photos.

In one group on Facebook, which has 424 members, a user who we are not identifying posted an image with a link to her OnlyFans.

Photo Credit: Facebook/Screenshot.  Images are censored by Overwatch.

OnlyFans is known for its pornographic subscription content. Tiegs told us of OnlyFans. “With the rise of OnlyFans, which went through the roof during COVID, the pimps are diversifying, the girl is being sold physically to a buyer, and they can film the acts and sell it on OnlyFans. When you talk about it from a grooming perspective, if you can convince a young girl to show her body on OnlyFans, it is easier, in the long run, to get her to do the actual physical acts.”

Continuing Research on Individual We Are Not Identifying

Further research into the individual identified a Twitter account for her.

In a post on Twitter, she uploaded an explicit video with a caption that shows she does outcalls.  “Outcalls” mean that person will travel to the buyers’ location.  Analysts conducted searches on the user and found profiles on, which hosts many escort pages.  On, there is a Snapchat photo of the individual, where she lists the areas, she does outcalls.

Photo Credit: Sumosearch/Screenshot.  Images are censored by Overwatch.

In addition, she has a profile on Callescort. Both the and Callescort pages provide her phone number, which has a Maryland area code.

Analysts cannot confidently say that this individual is a victim of sex trafficking, but her escorting and social media posts suggest that it could be possible.

How OSINT is Used to Hunt Traffickers

Scaramucci said of OSINT efforts to counter human trafficking.  “OSINT helps oftentimes identify who the traffickers are, as well as who the victims are.  A large majority of sex trafficking occurs on and through the internet, which is hard to escape in any way these days.  Being in photographs, sharing on social media, even things as simple as purchasing food all happen on the internet.”

“They’re constantly leaving the crumbs that can be used to follow them.  It can also provide glimpses of where they have been, which can lead to federal charges if we can show they transported their victims across state lines.”

At Echo Analytics Group, we participate in Skull Games with All Things Possible Ministries.  Skull Games is an event where vetted OSINT experts use their online research skills to identify potential victims of human trafficking as well as the potential pimps controlling some of these girls.  Once a victim or person of interest is identified, the analysts write up a report containing the path of discovery to the identity.  That report is then provided to Law Enforcement in the field to action as they see fit.  During our most recent Skull Games, analysts provided Law Enforcement with the identification of 25 potential sex trafficking victims and eight persons of interest.


We assess that sex traffickers will continue to use major social media platforms to target their victims, as there are no significant security or monitoring measures to prevent the targeting from occurring.  Traffickers will take advantage of public groups on Facebook with themes like finding a girlfriend and strippers because pornographic material is posted repeatedly on such pages, making it easier to share their content in those groups.  Additionally, we identified many other links on Facebook through a basic Facebook search, suggesting that the platform is not thoroughly following its policy against sexual solicitation.

Based on the lax policing of traffickers/groomers online, the number of traffickers will grow, not decrease, in 2022.  As a result, sex trafficking revenue will increase, providing more funding for criminals to operate and commit their illicit acts.  Without tech companies dedicating a significant amount of time and resources to counter sex trafficking, the problem will persist significantly, making it harder to identify those targeting people online for sex trafficking.

NFTs Set to Become 100-Billion Dollar + Industry

NFT stands for Non-Fungible Token and is a unique digital asset, generally tied to art, music, gaming, or videos that can be sold and traded on the blockchain. In previous articles, Overwatch discussed cryptocurrency and the metaverse; the blockchain is a digital ledger that records financial transactions and tracks digital assets.

NFTs are best known to the public as collectible digital art. An NFT could be something as basic as a drawing done on Microsoft Paint and then integrated on the blockchain. However, NFTs with use cases are becoming much more popular, providing the NFT holder with benefits like the ability to play and earn cryptocurrency from blockchain-based video games, access to social media influencers and celebrities, sports memorabilia, and more. While NFTs are digital assets, they also access goods and services in the real world.

One of the most popular NFTs — Bored Ape Yacht Club — provides an owner with access to a chatroom with celebrities on Discord, a text, video, and chat app used by over 300 million people. The average price for a Bored Ape Yacht Club NFT is 95 Ethereum, known as ETH (the world’s second most popular cryptocurrency), equivalent to $232,560.00.

In 2021, trading in NFTs reached about 22 billion dollars. In addition, last year, venture capital firms invested over 4 billion USD into NFT projects, which is according to Venture Capital Journal, “eleven times more than the previous seven years combined.” Open-source research suggests the NFT market will grow by 147.24 billion dollars in the next four years.

While NFTs are present on Twitter, Meta (Which owns Instagram) recently announced its plans to incorporate NFTs into its platform.

Thousands of NFT sales occur every hour, and new NFTs are released daily on NFT exchanges like OpenSea. However, according to OpenSea, the largest NFT marketplace, nearly 80% of NFT projects on its platform are either “spam, plagiarized, or fake collections.” Further, cybercriminals frequently target NFT holders, NFT projects, creators, and NFT exchanges.

With NFTs projected to have a significant financial impact on the digital world, analysts researched the digital assets further and determined how NFTs could gain more mainstream adoption in the future. Additionally, we investigated how scammers use NFTs to commit fraud on the blockchain and will provide some suggestions for mitigating risk regarding NFTs in this brief.

Brief Background on NFTs

The first NFT, the Colored Coin, was created in 2012. The Colored Coin, which was on the Bitcoin blockchain, had multiple use cases. Per Exhibit.Tech, its use cases were for “coupons, real estate, [the] possibility of creating your cryptocurrency, distribution of a company’s shares, and purchasing subscriptions.” However, research indicates that the use cases proposed for Colored Coins did not receive implementation on the blockchain.

In 2017, CryptoPunks were released on the Ethereum blockchain. Initially, CryptoPunks were free to anyone with an Ethereum wallet. CryptoPunks had no use case but gained popularity as the first widely recognized digital art pieces. The current lowest price available for a CryptoPunk is 56.54 ETH, which equates to approximately $138,000.00.

NFTs began to receive more mainstream adoption in 2021, with the highly publicized launch of the Bored Ape Yacht Club and other projects.

NFTs with Use Cases

NFTs are quickly becoming a popular asset within the gaming world, an approximately 155-billion-dollar industry. Some of the largest gaming companies globally have expressed interest in bringing NFTs into gaming. Those companies include Nintendo, Square Enix, EA, and Ubisoft.

Our research suggests that many people purchase NFTs because their primary use case is tied to a video game, where they can play and earn rewards like cryptocurrency. With over 2 million users, Axie Infinity is the most popular play-to-earn game on the blockchain. Those who own NFTs with play-to-earn utility take the rewards from their game and exchange them for USDC, a stable coin cryptocurrency backed by the U.S. dollar.

While gaming may be one of the most popular use cases for an NFT, NFTs use cases are also associated with sports, travel, philanthropy, the metaverse, virtual land, digital identity, and exclusivity. Celebrities like NFL quarterback Tom Brady, business magnate Mark Cuban, and Hollywood actress Reese Witherspoon have invested in NFTs.

Exclusivity is a significant driver of NFT ownership. For example, analysts’ research identified an NFT called Space+, which aims to provide NFT owners with real-life space experiences.

Photo Credit: Space+NFT

Scammers and NFTs

The most common form of an NFT scam is called a rug pull. With a rug pull, NFT creators develop a significant level of support for their project on social media and considerable funding from either investors or consumers interested in the project before it goes live. However, the NFT does not meet the standards it promised consumers on its launch day. As a result, the value of the NFT plummets, and its creators shut down the project.

In March 2022, the Department of Justice charged Ethan Nguyen and Andre Llacuna, who launched the NFT, Frosties, with one count of wire fraud and committing money laundering for their rug pull with Frosties.

The DOJ press release for Nguyen and Llacuna’s arrest reads, in part, “HSI Acting Special Agent-in-Charge Ricky J. Patel said, “‘The trending market and demand for NFT investments has not only drawn the attention of real artists but scam artists as well.  The arrested thieves allegedly hid behind online identities where they promised investors rewards, giveaways, and exclusive opportunities before implementing their ‘’ scheme – leaving investors with empty pockets and no legitimate investment.’”

4 Things You Can Do to Avoid an NFT Scam

  1. Perform multiple Google searches about the NFT and the team members who are part of the project. Many NFTs have team members with aliases or who are anonymous. We suggest avoiding these NFT projects, as they could be future rug pulls.
  2. NFTs are receiving billions in investment from venture capital firms. If the NFT website does not have a professional look, or there are misspellings and poor grammar, it could be a future rug pull.
  3. If the NFT website asks you to provide your private key for your cryptocurrency wallet, it is most likely involved in illicit activity.
  4. Perform a reverse image search of the NFT art. You can do this by going to Google, clicking images, and uploading. The art may be stolen if the results are returned with the image on many different websites or platforms.


In 2022, we assess that NFTs will likely receive more funding and mainstream support than reported in 2021. NFTs with use cases that provide exclusive benefits to digital asset holders will probably be the primary driver of the NFT market in 2022. In addition, as NFTs generate more considerable revenue, scams and fraudulent activity will increase, creating more risk in the blockchain environment. NFT holders who do not perform due diligence will likely fall victim to NFT scams.

With the further adoption of NFTs on social media, general consumer awareness about NFTs will also grow in 2022. Instagram, which has over 1 billion users, will begin testing NFTs this week. Other social media platforms are likely to follow similar trends with NFTs.

With NFTs projected to become a 100-billion-dollar industry, investors, collectors, and creators of digital assets will remain at risk. However, without significant educational awareness regarding rampant scams in the NFT marketplace, NFT exchanges will continue to be plagued with illicit activity.

What Could Happen if Finland Joins NATO

On Wednesday, May 4, 2022, a Russian Mi-17 helicopter violated Finnish airspace. The violation comes as Finland considers NATO membership amid the Russia-Ukraine war about 1,200 miles away from its border. On the same day as the airspace violation, members of the U.S., British, Latvian, Estonian, and Finnish militaries participated in a military exercise in Satakunta, in Western Finland.

In addition, on May 4, 2022, Finnish Prime Minister Sanna Marin explained that any application process to NATO needs to be approved within a short time frame. Marin said, “The key issue is to keep the ratification process as short as possible … That would be the best security guarantee.”

According to Iltalehti — one of Finland’s most circulated news outlets — Finland plans to apply for NATO membership on May 12, 2022.

While Sweden is also seriously considering NATO membership, Overwatch focused on Finland for this brief.

Overwatch reviewed comments from Russian officials about Finland potentially joining NATO and spoke to Finns in Finland to get an on-the-ground perspective on the issue. Our research indicates that Finland’s NATO membership will not lead to a larger military conflict in Eastern Europe, which lessens the possibility for the U.S. or NATO to have a direct conflict with Russia.

Recent Comments from Russian Officials

On March 13, 2022, Russian Foreign Ministry Second European Department Director Sergei Belyayev said of Finland and Sweden joining NATO. “It is obvious that Finland and Sweden’s joining NATO, which is a military organization in the first place, would have serious military and political consequences requiring us to revise the entire range of relations with these countries and take retaliatory measures.”

On April 7, 2022, Kremlin spokesman Dmitry Peskov said Russia would have to “rebalance the situation” should Finland and Sweden join NATO.

On April 14, 2022, former Russian President Dmitry Medvedev, and current Deputy Chairman of the Security Council of Russia, said of Finland and Sweden’s potential NATO membership. Russia will have to “seriously strengthen the grouping of land forces and air defense, deploy significant naval forces in the waters of the Gulf of Finland. In this case, it will no longer be possible to talk about any nuclear-free status of the Baltic – the balance must be restored.”

While Medvedev threatened the idea of a nuclear-free status in the Baltic should Finland join NATO, the Baltic currently is not a nuclear-free region. In Kaliningrad, which is in the Baltic Sea, it has a nuclear weapons storage bunker and the capability to deliver a nuclear payload using its Iskander missiles.

On the Ground Perspective in Finland

Petri Mäkelä served in the Finnish Rapid Deployment Force and has been a reservist for 15 years.

Mäkelä told Overwatch what he thinks Finland’s chances of joining NATO are, and how Russia may respond to the move. “I’d say it 90+% sure that Finland joins. Russia will do small things to annoy us, like counter-sanctions and cutting off gas. They don’t really have the numbers for military action at the moment. We can throw 280k men in the fight within a few days of notice.”

Mäkelä explained how Russia doesn’t have any significant political influence, and its financial influence is waning in Finland. “They have some political power, especially among older politicians, but not enough to matter. Their economic power has declined rapidly as there is no trade or tourism and the only big investment was a nuclear powerplant, which was just canceled.”

Henri Hautamaki is the chairman of Suomen Sisu, a nationalist organization in Finland.

Sisu said of Finland joining NATO. “Well, personally, I consider it to be good for our security. Granted, Russia won’t like it, but they can’t do overly much about it. If, or rather when Finland joins the alliance, Russia’s potential for pressuring Finland with the threat of military force will lessen, as will the chance of them actually launching an invasion sometime in the future. Especially with their failures in Ukraine, Russia cannot credibly maintain the picture that they would rapidly overwhelm the Finnish defense during wartime. When we add NATO to that, their attack would quickly end up with them being in a battle for the very existence of their state. Russia will, of course, try to do everything possible to disrupt the joining process, but it is rather doubtful they could find any real success.”

Another Finn we spoke to, who requested to remain anonymous, said that they support Finland joining NATO, and they expect “more military pressure in the Baltic Sea.”

Further, according to survey data from Mtvuutiset, 68% of Finns support Finland’s NATO membership. Mtvuutiset reported, “68 percent of Finns believe that Finland should join the military alliance of NATO.”


Overwatch assess that Russia will continue to target Finland for its potential membership in NATO. However, a military confrontation is unlikely, as Russia continues its operations in Ukraine and lacks the manpower to respond to a quickly prepared force of Finns in a potential conflict. Attacks will likely be limited to cyber, economic sanctions, airspace violations, and disinformation campaigns from Russia.

Additionally, both Germany and the U.K. have pledged their support to Finland in the event of a confrontation with Russia, which decreases the chances of an attack by Russia on Finland. Germany and the U.K. continue to receive serious threats based on their support for Finland and other European countries opposing Russian aggression. NATO membership for Finland would provide the Nordic nation with more security guarantees, which will also likely limit the possibilities for further escalation with Russia.

Finland has an annual GDP of $253 billion. Its main exports are refined petroleum, kaolin-coated paper, and cars. However, these goods are also produced by the United States and other major world powers, which suggests that a Russia-Finland conflict would not significantly impact markets as the Russian-Ukraine war has with food and gas prices.

How Do You Govern Disinformation?

Legislators and thousands of Americans continue to voice concerns about any government agency or entity being the final arbiter of truth when it comes to speech and information. Many Americans are wondering how far down the slippery slope we will go before we reach censorship, given the recent history of Twitter, Facebook, LinkedIn, and YouTube censoring material, suspending accounts, and de-platforming individuals and organizations. On Wednesday, April 27, 2022, the Department of Homeland Security (DHS) Secretary Alejandro Mayorkas testified in front of the House Homeland Security Committee and revealed the DHS is creating the Disinformation Governance Board. This disclosure came following a question from Representative Jim Langevin (D-R.I.) who asked about the department’s efforts “…to shore up election security from Russian cyber interference, give confidence to the committee and the American people that we’ve got this, and we are ready to protect and defend our electoral process.” In response Secretary Mayorkas said that a board was just established in order “…to more effectively combat this threat not only to election security but to our homeland security.”

This Disinformation Governance Board will operate out of the DHS, co-chaired by DHS Undersecretary for Policy Rob Silvers and DHS Principal Deputy General Counsel Jennifer Daskal. The Board’s Executive Director, Nina Jankowicz, is charged with carrying out the broadly stated mission “to protect privacy, civil rights, and civil liberties.”

Words Matter

Every relationship, family, and culture depends on and grapples with the ability to communicate effectively with words and their definitions serving as the foundation. Likewise, civilizations throughout history depend on a trusting and transparent relationship between citizens and the government entities that serve them.

The DHS has yet to clearly define “disinformation” regarding their newly stated mission for the Disinformation Governance Board. The word’s definition seems to be in flux. [1] Disinformation, as defined by the Oxford English Dictionary (OED) in 2018, was “the dissemination of deliberately false information, [especially] when supplied by a government or its agent to a foreign power or to the media, with the intention of influencing the policies or opinions of those who receive it.” However, as of 2022, the Oxford English Dictionary describes disinformation as “a form of propaganda including the purposeful spread of incorrect information with the intent to deceive or mislead.”

In addition, the Cybersecurity & Infrastructure Security Agency (CISA), a Department of Homeland Security subordinate agency managed by Director Jen Easterly, issued infographics outlining and defining disinformation, misinformation, and malinformation. [2] CISA aligns itself with the more recent OED definition of disinformation in their infographic “Disinformation Stops With You,” defining it as “…information that is purposely designed to mislead, injure, or influence a person, social group, organization, or country.” CISA’s definition of malinformation leaves some questions unanswered. While misinformation and disinformation are based falsehoods, malinformation is based in fact, yet included in the “Types of false info” on their infographic. A clearly articulated strategy and purpose statement could also define the standard used as the baseline for “context,” the legal definition of “harm,” and what constitutes “manipulate.”

DHS’ stated mission as a department is to “With honor and integrity…safeguard the American people, our homeland, and our values.” Given the lack of clarification on how DHS will define disinformation, and how they intend to use this new governance board to carry out this claimed purpose, Overwatch can only look to America’s past for examples of times when the government sought to impose speech and press restrictions.

Historical examples of government limits on speech and the press

Generations of Americans before us faced similar activities where the United States government sought to dictate the limits of speech.

Alien and Sedition Acts 1798

In 1798, on the precipice of a quasi-war with France, the Adams administration passed the Alien and Sedition Acts. The Sedition Act made it illegal to “…write, print, utter or publish…any false, scandalous, and malicious writing…with intent to defame the…government” or “to stir up sedition within the United States.” The goal of this legislation was to limit the ability of France to influence the U.S. population. As a result of the passage of these laws, there were twenty-five arrests, fifteen indictments, and ten convictions. The vast majority were from newspapers affiliated with the then minority, the Democratic-Republican Party. The laws were then allowed to expire in 1801.

Espionage and Sedition Acts 1917

The Espionage Act of 1917 criminalized efforts and movements to limit the U.S.’s ability to manufacture and produce wartime supplies. [3] These activities were treated as sabotage against the government’s pursuit to defend itself and the military’s ability to fight. The final bill signed in June 1917 addressed spying, flying over forbidden sites, sabotage, interrupting foreign commerce, seizure of arms, and deliberate interference with the military.

The Seditions Act of 1918 served primarily as an amendment to the Espionage Act of 1917, criminalizing “disloyal, profane, scurrilous or abusive” speech about the United States, its symbols; speech to impede war production; and statements supporting a country with which the U.S. is at war. These acts led to over 2,000 arrests and multiple court cases, with the two most notable being: Schenck v. United States and Abrams v. United States, both in 1919. The Schenck case introduced one of the most recognizable free speech references through Justice Holmes’ unanimous majority opinion, which states, “The most stringent protection of free speech would not protect a man falsely shouting fire in a theater and causing panic…”. The Schenck ruling was limited by Brandenburg v. Ohio 1969, which ruled speech can only be banned when it is directed to and likely to incite imminent lawless action, which remains today. Lon Strauss, an assistant professor at the Marine Corps Command and Staff College, stated, “the whole reason behind the Espionage Act and the Sedition Act was the fact that the government understood that words matter, words had influence.”

Government Misleading Citizens and Hiding Truth

Many Americans feel less confident in their freedoms to voice their opinions publicly, assemble and protest, and exercise or express religious beliefs. YouGov and Americans for Prosperity surveys revealed Americans trust public leaders less and less in handling policies and protecting their constitutional rights, following the COVID-19 pandemic, and experiencing and witnessing the restrictions and mandates governments carried out without following the constitutionally mandated legislative process.

Citizens remember dozens of examples of the government providing false information to the public or omitting critical information under no risk to national security. The George W. Bush administration irresponsibly took the nation to war under the false and often manipulated pretense that WMDs were present in Iraq. The Obama administration’s Internal Revenue Service (IRS) targeted conservative organizations applying for tax-exempt status by delaying the requests and “demanding unnecessary information.” More recently, the endless claims that Donald Trump and his campaign colluded with the Russians to win the 2016 election have been disproven by the Mueller report.

The public’s lack of faith and general distrust in the federal government has sound precedence as Secretary Mayorkas announces the Disinformation Governance Board on Capitol Hill. Failing to provide any transparent insight into the limits under which the Board will exercise its mission, and the precise descriptions of activities and behaviors they will monitor harden scrutiny felt across the country and on both sides of the political aisle. Consequently, appointing Nina Jankowicz as the Executive Director opens the Department to criticism because of her comments and social media posts over the past three years. Ms. Jankowicz’s comments on social seemed to be aligned with a singular political party as she rushed to defend the assertion that the New York Post’s story on Hunter Biden’s laptop was a Russian disinformation operation. On March 16, 2021, Ms. Jankowicz tweeted:

Our Assessment

If left unchecked, the U.S. DHS will politicize the use of the Disinformation Governance Board by using it to remove dissent within the citizenry to silence political opposition. Like the Espionage and Sedition Acts, disloyal, profane, scurrilous, and disloyal speech toward the government’s fight against domestic terrorism and white supremacy will be censored, removed from the internet, and “violators” will be prosecuted.

The decision to develop a governance board coincides with a change of perception some citizens have of Elon Musk’s acquisition of Twitter. Funding for this Board must be carefully prioritized with measured performance objectives given the economic crisis in the U.S. and continued efforts at uncontrolled government spending. Questions continue to arise about the government’s chosen missions for the Board, given that a March 2021 Joint Report from the Department of Justice and Department of Homeland Security found no foreign governments directly interfered with our voting process. The report states, “No evidence that any foreign government-affiliated actor prevented voting, changed votes, or disrupted the ability to tally votes or transmit election results in a timely manner; altered any technical aspect of the voting process; or otherwise compromised the integrity of voter registration information of any ballots cast during 2020 elections.”



[1] This problem of unclear definitions is the same issue facing the European Union, which began acting on the regulation of disinformation in 2018, according to a 2021 article published in the Journal of Internet Regulation.

[2] Overwatch found “malinformation” referenced only on Urban Dictionary, University of Minnesota’s eLibrary, Slang Define, and a research site Qeios.

[3] The largest consolidated group engaging in this activity in the United States, and to a lesser degree in Australia, was the International Workers of the World (IWW). The IWW labeled WWI the “bosses war” and described it as an “imperialist war” looking to grab more land and expand industrial efforts to gain power and grow wealth. The IWW sought to sabotage America’s war efforts through labor strikes at ammunition factories and other boycotts disallowing the manufacturing of required warfighting weapons and materials.