The U.S. Office of Foreign Assets Control (OFAC) sanctioned North Korea Friday for ransomware attacks on the Swift interbank messaging system and other critical infrastructure targets that generated funding for the nation-state’s weapons and missile programs.

The Treasury Department targeted three state-sponsored hacking groups – the Lazarus Group, whose WannaCry attacks wreaked havoc around the world just two years ago and its two units, BlueNorOff (APT38), which has scooped up more than $1.1 billion from repeated attacks on SWIFT, and AndAriel, a stealth group that security firms first spotted attacking South Korea in 2015. The three have been added to Treasury’s Specially Designated Nationals (SDN) List. As a result, their assets will be blocked and U.S. persons and entities are forbidden from doing business with them.

“Treasury is taking action against North Korean hacking groups that have been perpetrating cyberattacks to support illicit weapon and missile programs,” Sigal Mandelker, Treasury undersecretary for terrorism and financial intelligence, said in a release, noting that the agency would “work with the international community to improve cybersecurity of financial networks.”

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.