The US Treasury Department has just announced new sanctions against online criminal groups based in North Korea. The groups have reportedly conducted cryptocurrency ransomware attacks and other cyber crimes aimed at subverting international sanctions against the state.
The US Treasury believes these attacks are directly funding the North Korean missile programme. This presents those companies affected by ransomware with a tough choice – lose access to crucial data for good or fund a potentially dangerous nation’s military preparations.
North Korean Hackers Use Cryptocurrency to Fund Government Missile Programme
According to a press release published earlier today by the US Department of the Treasury, there are to be new sanctions against North Korean hacker groups believed to be funding the nation’s missile programme using various criminal means. This has included hacking of cryptocurrency exchanges and ransomware attacks.
The release names three such groups explicitly: “Lazarus Group,” “Bluenoroff,” and “Andariel”. It goes on to state that the agency believes these groups to be directly linked to the North Korean government.
From today, the US Department of the Treasury’s Office of Foreign Assets Control (OFAC) has officially banned US citizens and financial institutions from dealing with the groups mentioned.
Sigal Mandelker, Treasury Under Secretary for Terrorism and Financial Intelligence, stated the following of the sanctions:
“Treasury is taking action against North Korean hacking groups that have been perpetrating cyber attacks to support illicit weapon and missile programs… We will continue to enforce existing U.S. and UN sanctions against North Korea and work with the international community to improve cybersecurity of financial networks.”
Of the groups mentioned, the Lazarus Group is perhaps the best known. Lazarus is thought to have gone after high-profile institutional targets. These include government, military, and financial institutions, as well as other large companies involved with shipping, critical infrastructure, and publishing.
Lazarus is believed to have been created by the North Korean government in 2007. It was involved in the massive ransomware attack known as WannaCry 2.0. The hugely destructive attack saw hundreds of thousands of computer systems frozen in exchange for cryptocurrency ransom payments.
The other two groups are believed to be offshoots of the Lazarus Group. The release states that Bluenoroff specialises in backdoor intrusions and phishing attacks. It was first noticed in 2014. It has since attempted to steal more than $1.1 billion from various financial institutions, including cryptocurrency exchanges.
According to the release, the second splinter group, Andariel, focuses more on malicious cyber activity against other businesses and government agencies. The group has been linked with hacking poker and gambling sites, as well as ATMs, to help North Korea subvert sanctions against it. It is also known to target South Korean government and military personnel to gather intelligence.