Three North Korean groups the US says are responsible for billions of dollars’ worth of cyber thefts and attacks, including cryptocurrency exchange hacks, have been hit with sanctions, the US Treasury Department announced over the weekend. The North Korean state has earned over $2 billion from cyber-attacks since 2007 according to an August report from the United Nations Security Council, with many large scale crypto exchange hacks the work of the communist state. The Treasury Department has now highlighted the three groups responsible for the majority of the activities and is “taking action” against them and the state itself, who it says backs the activities in order to fund its weapons programs.
Treasury sanctions North Korean state-sponsored malicious cyber groups https://t.co/0CT8WltVCl
— Treasury Department (@USTreasury) September 13, 2019
Three Groups Highlighted
The three groups the Treasury Department has highlighted as being behind the various attacks, which range in scale from the relatively small DragonEx exchange hack to the worldwide WannaCry cyber-attack, are named as Lazarus Group, Bluenoroff, and Andariel. Each group has a different focus, but all three have been involved in cryptocurrency hacking at some point, with Asia a particular target in recent years:
According to industry and press reporting, these three state-sponsored hacking groups likely stole around $571 million in cryptocurrency alone, from five exchanges in Asia between January 2017 and September 2018.
Although cryptocurrency hacks tend to make more headlines in mainstream media, the groups have been equally as prolific in targeting traditional financial institutions, launching successful operations in Bangladesh, Pakistan, India, Mexico, Philippines, Taiwan, South Korea, Turkey, Chile, and Vietnam.
How Effective Will Sanctions Be?
The punishment meted out by the Treasury Department includes the blocking of “all property and interests in property of these entities, and of any entities that are owned, directly or indirectly, 50 percent or more by the designated entities, that are in the United States or in the possession or control of U.S. persons…”, with pressure also put on “any foreign financial institution that knowingly facilitates a significant transaction or provides significant financial services for any of the entities designated today.” However, with North Korea being a notably secretive nation that tends not to operate outside its own borders, it is unknown how much impact such sanctions will actually have.