OFAC Sanctions North Korean Cyber Groups
The Treasury’s Office of Foreign Assets Control sanctioned three North Korean state-run hacking groups responsible for supporting the country’s illegal weapons and missile programs, Treasury said in a Sept. 13 press release. The cyber groups -- Lazarus Group, Bluenoroff and Andariel -- work on behalf of North Korea to conduct “cyber espionage, data theft, monetary heists and destructive malware operations,” Treasury said.
Sign up for a free preview to unlock the rest of this article
Export Compliance Daily combines U.S. export control news, foreign border import regulation and policy developments into a single daily information service that reliably informs its trade professional readers about important current issues affecting their operations.
Lazarus Group targets government, militaries, banks and manufacturing and shipping companies, and works for North Korea’s Reconnaissance General Bureau, which is responsible for “malicious cyber activity” and arms trade, Treasury said. The Lazarus Group was involved in a 2017 ransomware attack that impacted more than 150 countries and shut down 300,000 computers, including the United Kingdom’s National Health Service, the press release said.
Bluenoroff, a “sub-group” of Lazarus Group, was created by North Korea to “earn revenue illicitly in response to increased global sanctions,” Treasury said. The sub-group conducts “cyber-enabled heists” on foreign banks to make money for its nuclear weapons and missile programs. Andariel, also a sub-group, focuses on targeting foreign businesses, government agencies, private corporations “in order to collect information and to create disorder,” Treasury said.
“Treasury is taking action against North Korean hacking groups that have been perpetrating cyber attacks to support illicit weapon and missile programs,” Sigal Mandelker, Treasury’s undersecretary for terrorism and financial intelligence, said in a statement. “We will continue to enforce existing U.S. and UN sanctions against North Korea and work with the international community to improve cybersecurity of financial networks.”