On Friday, 14th September 2019, The US Treasury Department announced sanctions on North Korean hacking groups that are said to be sponsored by three states. This nasty group of hackers has been sanctioned for attacking US critical infrastructure and they have also been stealing millions from the financial sector that goes to funding the North Korean Government according to the official claims of the US.
The sanctions have been issued to the associated code names Bluenoroff, Lazarus Group, and Andariel since their identities are still unknown. The United States Agency claims that these three hacking groups are connected to the North Korean government’s Reconnaissance General Bureau. The Reconnaissance General Bureau is already on the sanction list of the US.
Sigal Mandelker, the Treasury Under Secretary for Terrorism and Financial Intelligence said in a statement that North Korean hacking groups have been perpetrating cyber attacks for supporting illicit weapon and missile programs. Treasury is taking action against them. She also said that they will work with the international community for improving the cybersecurity of financial networks and will continue enforcing existing U.S. and UN sanctions against North Korea.
Due to this order, the American companies along with the Banks will be forced to cut off any ties with the hacking groups have in the US and freeze any assets belonging to them. Also, they will be required to report their activities to the federal agencies. If they are found violating the orders, the individuals or the Companies will face penalties from the Treasury Department.
The sanctions will lead the companies in the US to look for any possible ties to the hackers but their shadowy tactics to stay hidden will make the job extremely tough. The US charged Park Jin Hyok, a North Korean programmer for working as a member of the Lazarus Group a year back. This group was blamed for the Sony Pictures hack in 2014 and the outbreak of Wannacry Ransomware. The investigations showed that Hyok was an employee of Chosun Expo, a front company that provided IT work.
On 14th, the Treasury Department blamed the Korean Hackers for committing cyber espionage as well, especially against the South Korean Government. The Federal Cyber agencies have been sharing the malware samples used by the North Korean Hackers so that the IT security team knows what they are dealing with and protect the companies and the banks.
One of the directors of FireEye, a cybersecurity firm said that it is highly doubtful that North Korean hackers will stop their attacks despite the threat of sanctions since much of their activities take place beyond the US soils, in the countries that don’t possess the same power as the US.
According to the reports from the United Nations, North Korean hackers might have stolen approximately $2 billion for funding the nuclear weapon’s program of the country. The cryptocurrency exchanges were targeted for the theft and funds were stolen from the financial institutions via ATM machines and the SWIFT messaging system. The North Korean government has denied all the allegations by calling it “ill-hearted rumors.”