September 13, 2019

OFAC targets North Korean state-sponsored cyber attackers

On September 13, 2019, the Office of Foreign Assets Control of the US Department of the Treasury announced the designation of three North Korean entities as agencies, instrumentalities or controlled entities of the government of North Korea.  The designations, pursuant to Executive Order 13722, target the Lazarus Group hacking group and two of its subgroups, Andariel and Bluenoroff, based on their relationship to the North Korean intelligence bureau, the Reconnaissance General Bureau, which was designated by OFAC in January 2015 pursuant to Executive Order 13687, and by the United Nations in March 2016.  According to OFAC, the designated entities are involved in cyber espionage, data theft, cyber-enabled heists on foreign financial institutions, and ransomware attacks in the US, Australia, Canada, New Zealand and the UK. 

Pursuant to these sanctions, the US property of the designated entities are blocked, and dealings by US persons that involve blocked or designated persons or property are generally prohibited.

US Dept. of the Treasury press release