OFAC sanctions North Korean cyber groups
On September 13, the U.S. Treasury Department's Office of Foreign Assets Control (OFAC) announced sanctions pursuant to Executive Order (E.O.) 13722 against three North Korean state-sponsored cyber groups allegedly responsible for North Korea’s malicious cyber activity on critical infrastructure around the world. OFAC cited cyber attacks using phishing and backdoor intrusions, targeting a range of organizations that included financial institutions. In addition to malicious cyber activities on conventional financial institutions and major companies, North Korea’s cyber operations also targeted Virtual Asset Providers and cryptocurrency exchanges “to possibly assist in obfuscating revenue streams and cyber-enabled thefts that also potentially fund North Korea’s WMD and ballistic missile programs.” As a result of the sanctions, “all property and interests in property of these individuals and entities that are in the United States or in the possession or control of U.S. persons must be blocked and reported to OFAC.” OFAC noted that its regulations “generally prohibit” U.S. persons from participating in transactions with the designated persons, and warned foreign financial institutions that if they knowingly facilitate significant transactions for any of the designated individuals, they may be subject to U.S. correspondent account or payable-through account sanctions.