The US Treasury Department has further sanctioned North Korea for its long-established efforts to hack financial institutions around the world, saying the money is used to help fund the country’s missile programs.
Specifically, the US announced sanctions against three North Korean state sponsored cyber groups responsible for “malicious cyber activity on critical infrastructure,” the Treasury Department announced in a statement on Friday.
The US claims the group known as the “Lazarus Group,” and two of its sub-groups, “Bluenoroff,” and “Andariel” are “agencies, instrumentalities, or controlled entities of the Government of North Korea.”
“Treasury is taking action against North Korean hacking groups that have been perpetrating cyber attacks to support illicit weapon and missile programs,” Sigal Mandelker, Treasury Under Secretary for Terrorism and Financial Intelligence said in a statement. “We will continue to enforce existing US and UN sanctions against North Korea and work with the international community to improve cybersecurity of financial networks.”
The ‘Lazarus Group’ was involved in the WannaCry 2.0 ransomware attack in 2017, which the US and other allies said was the work of the North Korean government.
For years, North Korea’s intelligence apparatus has heavily targeted victims where they can directly siphon money, like the Bank of Bangladesh in 2016.
The practice has become extremely lucrative: Earlier this year, the United Nations said that the country’s habit of hacking bitcoin exchanges has netted as much as $2 billion.
Specifically, the US said that hacking functions to “potentially fund North Korea’s WMD and ballistic missile programs.”
“They’re essentially calling out their criminal activity that’s been going on for four years,” John Hulquist, the director intelligence analysis for FireEye, which tracks North Korea’s cyber activity, told CNN. “The real question is will the sanctions have any effect.”
North Korea’s adoption of cybercrime as a major means of funding the regime has a cyclical effect: it was likely adopted as a response to international sanctions making it difficult to make money, but further isolates the country on the world stage, which may make it even more dependent on hacking to stay financially float.
“Just because it might not stop the behavior doesn’t mean we shouldn’t illuminate it,” Hulquist said. “It’s still the right thing to do and maybe the smart thing to do because it’s on the table now for negotiations,” he said.
Third summit possible?
The sanctions announcement comes as President Donald Trump continues to leave the door open for a possible third summit with North Korean dictator Kim Jong Un.
Trump hinted at high level contacts with Pyongyang again this week after firing his hawkish national security adviser John Bolton. The President made it clear that he believed Bolton’s presence was harmful to the diplomatic process and was at least partially to blame for the lack of progress in denuclearization talks.
“We were set back very badly when John Bolton talked about the Libyan model, and he made a mistake. And as soon as he mentioned that, the Libyan model, what a disaster,” Trump told reporters in the Oval Office Wednesday, the day after Bolton’s departure.
“Take a look at what happened with Gadhafi with the Libyan model, and he’s using that to make a deal with North Korea? And I don’t blame Kim Jong Un for anything he said after that, he wanted nothing to do with John Bolton. And that’s not a question of being not tough … that’s a question of being not smart to say something like that,” he added.
On Monday, a top North Korean diplomat working on nuclear negotiations with the United States said Pyongyang would be open to resuming talks with Washington.
The envoy, Choe Son Hui, said in a first-person statement published Monday by North Korean state media that North Korea is willing “to sit with the US side for comprehensive discussions of the issues we have so far taken up at the time and place to be agreed late in September.”
“I believe that the US side will come out with a proposal geared to the interests of the DPRK and the US and based on the calculation method acceptable to us,” Choe said, referring to North Korea by an acronym for the country’s formal name, the Democratic People’s Republic of Korea.
Just hours later, North Korea launched two unidentified projectiles from South Pyongan Province toward the East Sea, also known as the Sea of Japan.
After more than a year of refraining from missile tests, Kim’s regime has conducted 10 launches since May, including the one on Tuesday. Most of those are believed to be short-range missiles, and experts say they have shown impressive technological advancements.
Trump has played down the tests when speaking about North Korea publicly. At one point he referred to them as “very standard.”