X

U.S. Agencies Issue North Korea Cyber Threat Advisory

The U.S. Department of the Treasury, the U.S. Department of State, the U.S. Department of Homeland Security, and the Federal Bureau of Investigation (the "Departments") warned that North Korea is carrying out malicious cyber activities to fund "regime priorities." In the cyber threat advisory, the departments provide guidance on various protective measures.

The departments identified common tactics of North Korea cyber actors, including:

  • generating funds through "cyber-enabled financial theft" and money laundering;

  • conducting extortion campaigns; and

  • "cryptojacking," which involves theft of a victim machine's computing resources to mine digital currency.

The departments urged governments, industries, civil societies and individuals to take certain precautions to defend against North Korea cyber threats, such as:

  • raising awareness of the various cyber activities carried out by North Korea;

  • practicing information sharing;

  • implementing cybersecurity best practices to protect cyber infrastructure;

  • notifying law enforcement of malicious cyber activity emanating from North Korea (or elsewhere); and

  • strengthening Anti-Money Laundering/Countering the Financing of Terrorism/ Counter-Proliferation Financing compliance.

Tactics employed by Pyongyang to evade U.S. sanctions have been the subject of previous advisories (see, here, here, and here.)

Primary Sources

  1. OFAC Press Release: Publication of an Advisory on the Cyber Threat Posed by North Korea
  2. Joint Agency Guidance: DPRK Cyber Threat Advisory

Tags

Regulated Activities
Data Protection / Cybersecurity Sanctions Compliance AML Compliance
Regulated Products
Digital Assets
Body of Law
Sanctions
Jurisdiction
US - Federal
Impacted Foreign Jurisdiction
North Korea
Organization
Treasury / FinCEN / OFAC / CFIUS Other Author Organizations
Sub-Author
OFAC, DOJ