Jake Hulina on Arms Control Wonk cites a few instances of how North Korea continues international trade despite sanctions, such as this one:
Despite the efforts of Cambodia and Fiji, North Korean vessels have continued to exploit their flags by manipulating their Automatic Identification System (AIS) transponders – devices designed for improving navigational safety. AIS transponders transmit a series of unique vessel identifiers among other physical and geographic characteristics. Of these unique identifiers, the Maritime Mobile Service Identity (MMSI) number – specifically the first three digits – is used to convey a vessel’s national affiliation. By altering this number, a vessel can claim any number of national affiliations without the knowledge or authorization of the countries affected. North Korean MMSI manipulation not only enables vessels to conceal illicit trade, but may also lead to reputational harm for the exploited states as it implicates them in activities they had no part in. …
From at least 15 November 2019 until at least 11 February 2020, a cargo vessel using a Fijian MMSI number to transmit under the name A LI can be observed in AIS data operating off the coast of China. Beyond the immediate red flag that Fiji does not officially operate any international cargo vessels, there are several signs the vessel may be involved in illicit activity. The vessel’s AIS was disabled when it appeared to be headed in the direction of North Korean territorial waters, suggesting potential trade with North Korea. In addition, the IMO number – a supposedly unique identifier assigned to a vessel’s physical structure – transmitted by the A LI is assigned to an Indian tugboat.
Moreover, A LI’s transmitted length of 146 meters matches with that of YON PUNG 3, a North Korean vessel. In addition, YON PUNG 3’s IMO number (8314881) is almost identical to the transmitted IMO of A LI (8814881). The close relation between these two IMO numbers is telling; North Korea frequently alters existing IMO numbers to create false vessel identities.
AIS data, while initially supplied for one limited application, appears to be processed for many other applications these days. I haven’t been able to track down any application using this data to identify potentially fraudulent use of AIS, but it’s almost certainly out there. Hulina cites IHS Markit for the source of his information, which appears to be an interesting information supply business, but I didn’t find anything on this subject on a quick scan.