The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced sanctions today that will target “three North Korean state-sponsored malicious cyber groups responsible for North Korea’s malicious cyber activity on critical infrastructure.”
OFAC identified hacking groups known as “Lazarus Group,” “Bluenoroff,” and “Andariel” as controlled entities of North Korea’s government.
“Treasury is taking action against North Korean hacking groups that have been perpetrating cyberattacks to support illicit weapon and missile programs,” Treasury Under Secretary for Terrorism and Financial Intelligence Sigal Mandelker said in a press release. “We will continue to enforce existing U.S. and UN sanctions against North Korea and work with the international community to improve cybersecurity of financial networks.”
Treasury noted that Lazarus Group engages in cyber espionage, data theft, monetary heists, and destructive malware operations to target government, military, and financial institutions, among others. Bluenoroff and Andariel are two subgroups of Lazarus Group. The Bluenoroff subgroup “conducts malicious cyber activity in the form of cyber-enabled heists … in part, for [North Korea’s] growing nuclear weapons and ballistic missile programs.” Andariel “focuses on conducting malicious cyber operations on foreign businesses, government agencies, financial services infrastructure, private corporations, and businesses” and targets South Korea’s government and infrastructure, Treasury said.