Treasury Department Sanctions Suspected North Korean Hacker Groups

The United States Treasury Department has announced that it will be imposing further sanctions against several hacker groups which have been repeatedly linked to the government of North Korea, citing their contributions to the country’s “malicious cyber activity on critical infrastructure.”

Late last week, the Department of Treasury published a press release announcing the sanctions against the North Korean hacking groups, focusing more on the renowned Lazarus Group, as well as Andariel and Bluenoroff. 

In the release, Sigal Mandelker, the Under Secretary of the Treasury for Terrorism and Financial Intelligence, explained that the action is coming in the wake of several allegations that these hacker groups have been working at the behest of the North Korean government, actively supporting the Kim Jong-Un administration in its illicit missile and weapons programs. 

Expressing a commitment to end this problem, the policymaker added, “We will continue to enforce existing US and UN sanctions against North Korea and work with the international community to improve the cybersecurity of financial networks.”

The allegations against North Korea originated back in August, when the United Nations claimed that Pyongyang had been able to make up to $2 billion so far through its hacking efforts. 

According to a report by popular news medium Reuters, the UN Security Council North Korea sanctions committee revealed that the North Korean government had gotten a significant amount of funding through its hacker groups. 

The report added that these hackers usually target banking institutions and cryptocurrency exchanges based outside of North Korean shores, with a vast majority of the proceeds going to the weapons instead.

“Democratic People’s Republic of Korea cyber actors, many operating under the direction of the Reconnaissance General Bureau, raise money for its WMD (weapons of mass destruction) programs, with total proceeds to date estimated at up to two billion US dollars.” 

The motive, of course, is rather clear; North Korea has been under sanctions from both the United States and the international community for the better part of a century now, with Washington particularly imposing strict levies on travel and trade activities to the country. 

Facing no other choice to keep operations running, Pyongyang turned to the dark side of cryptocurrencies. The aforementioned Lazarus Group has reportedly been very instrumental in the country’s plans, as its malign activities have affected several countries. The Group was reportedly behind a phishing cryptocurrency scam which targeted users of popular South Korean exchange and Bitcoin trading platform UpBit.

As the Treasury Departments release notes, North Korea-sponsored hacker groups have been able to steal up to $571 million in crypto assets alone between January 2017 and September 2018. All of these funds were from crypto exchanges alone, so imagine what banks have lost in that time as well.

Suddenly, $2 billion seems possible. 

Now, for its part, North Korea has come out to refute these claims. Earlier this month, the Korea Central News Agency (KCNA), a state-owned news outlet, claimed that the allegations were no more than “Fabrications by the hostile forces… aimed at tarnishing the image of our Republic and finding justification for sanctions and pressure campaign against the DPRK.”  

True or not, the sanctions have been placed. Now, we see how Pyongyang responds.