South Korea has imposed sanctions on North Korean individuals and groups for stealing cryptocurrency assets and coordinating cyberattacks, the first independent steps to curb cybercrimes that Seoul says are linked to bankrolling Pyongyang’s nuclear and missile programs.
Four North Korean computer programmers and seven entities associated with North Korea’s top military intelligence agency -- the Reconnaissance General Bureau -- face the ban, Seoul’s Foreign Ministry said Friday, stressing growing threats from Pyongyang, which is still as belligerent as a year before when it fired off a record number of missiles.
The ban covers big names like Park Jin-hyok and the Lazarus Group but they are “not the only targets” under scrutiny, a senior Foreign Ministry official said, declining to elaborate, citing protocol. Park is a member of the Lazarus Group, which the US says is responsible for the WannaCry ransomware attack in 2017 and the March attack last year on Ronin, a blockchain network that powers online game Axe Infinity. Ronin claims digital cash worth $615 million was stolen.
And the kind of crypto theft plays a crucial role in advancing North Korea’s “missile and other malicious programs,” according to Anne Neuberger, US deputy national security adviser for cybersecurity. In November last year, she said state-backed cyberattacks pay for roughly 30 percent of the isolated country’s funds needed for weapons.
Earlier this month, Foreign Minister Park Jin pledged closer Seoul-Washington ties to identify loopholes in United Nations Security Council resolutions that Pyongyang exploits to earn cash.
The latest sanctions could be part of broader outreach, prompting more countries to follow suit as they learn about North Korea’s cyberattacks -- a step that leads to a wider coalition to disrupt the systematic hacking campaign, according to a Seoul official. The Friday ban makes any financial transactions with those North Korea hackers illegal, unless authorities give their explicit say-so in advance.
This is the third time since October and December that the Yoon Suk Yeol administration, which took power in May, has rolled out sanctions -- a reflection of the conservative leader’s promise to get tough on the regime. How exactly North Korean hackers had run cyberattacks was not detailed over concerns that it could give away the government’s investigation methods.