In coordination with the Republic of Korea, the United States is again targeting the malicious cyber activities of the Democratic People’s Republic of Korea, the DPRK.
On May 23, the U.S. Treasury Department announced sanctions on four entities and one individual for hiding revenue and engaging in extensive illicit and IT worker operations to finance the regime’s unlawful weapons of mass destruction and ballistic missile programs.
According to a March 2023 UN Panel of Experts report cited by the Treasury Department, in 2022 DPRK cyber actors stole more virtual currency than in any previous year, with estimates ranging from $630 million to over $1 billion.
To combat such activity, the United States designated Pyongyang University of Automation, one of the DPRK’s premier cyber instruction institutions. Among its trainees are cyber actors who go on to work for cyber units tied to the Reconnaissance General Bureau, the RGB, the country’s primary intelligence entity.
Also designated was the RGB-controlled Technical Reconnaissance Bureau and its subordinate cyber unit, the 110th Research Center. The Technical Reconnaissance Bureau leads the DPRK’s development of offensive cyber tactics and tools and operates several departments, including those affiliated with the U.S. designated Lazarus Group, which was responsible for the largest virtual currency heist to date, stealing about $620 million in virtual currency.
The United States, as well as the ROK, also designated the DPRK-based Chinyong Information Technology Cooperation Company and one of its representatives, Kim Sang Man, who operates in Vladivostok, Russia. Chinyong and Kim were sanctioned because of their connection to the DPRK’s IT workers’ activities.
The DPRK generates significant revenue through deployment around the world of thousands of highly skilled IT workers who fraudulently obtain employment with companies, including in the technology and virtual currency industries. The revenue generated by these workers contributes to the DPRK’s unlawful WMD and ballistic missile programs.
As Treasury Under Secretary for Terrorism and Financial Intelligence Brian Nelson wrote in a statement, “The United States and its partners remain committed to combatting the DPRK’s illicit revenue generation activities and continued efforts to steal money from financial institutions, virtual currency exchanges, companies and private individuals around the world.”
