US imposes sanctions on 3 North Korean 'malicious' cyber group

The United States Treasury Department has imposed sanctions on three North Korean "state-sponsored malicious" cyber groups. The Office of Foreign Assets Control (OFAC) of the US Treasury Department announced the sanctions today and accused the groups of being responsible for North Korea’s malicious cyber activity on critical infrastructure.

Within the global cybersecurity private industry, the three sanctioned groups are commonly known as “Lazarus Group,” “Bluenoroff,” and “Andariel”. The latter two are the subgroups of the former.

The Treasury said it identifies the groups as agencies, instrumentalities, or controlled entities of the Government of North Korea based on their relationship to the Reconnaissance General Bureau (RGB).

Lazarus Group, Bluenoroff, and Andariel are controlled by the US- and United Nations (UN)-designated RGB, which is North Korea’s primary intelligence bureau.

Treasury Under Secretary for Terrorism and Financial Intelligence Sigal Mandelker said, “Treasury is taking action against North Korean hacking groups that have been perpetrating cyberattacks to support illicit weapon and missile programs.”

“We will continue to enforce existing US and UN sanctions against North Korea and work with the international community to improve the cybersecurity of financial networks,” he added.

The Treasury said Lazarus Group targets institutions such as government, military, financial, manufacturing, publishing, media, entertainment, and international shipping companies, as well as critical infrastructure, using tactics such as cyber espionage, data theft, monetary heists, and destructive malware operations.

Bluenoroff conducts malicious cyber activity in the form of cyber-enabled heists against foreign financial institutions on behalf of the North Korean regime to generate revenue, in part, for its growing nuclear weapons and ballistic missile programs.

Andariel focuses on conducting malicious cyber operations on foreign businesses, government agencies, financial services infrastructure, private corporations, and businesses, as well as the defense industry.