Treasury Targets North Korea for Multiple Cyber-Attacks

September 6, 2018

WASHINGTON – The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) today sanctioned one entity and one individual tied to the Government of North Korea’s malign cyber activities.  In a related action, today the U.S. Department of Justice unsealed criminal charges against the same individual, Park Jin Hyok.

“We will not allow North Korea to undermine global cybersecurity to advance its interests and generate illicit revenues in violation of our sanctions,” said Treasury Secretary Steven Mnuchin.  “The United States is committed to holding the regime accountable for its cyber-attacks and other crimes and destabilizing activities.”

OFAC designated the North Korean computer programmer Park Jin Hyok for having engaged in significant activities undermining cybersecurity through the use of computer networks or systems against targets outside of North Korea on behalf of the Government of North Korea or the Workers’ Party of Korea.  Park Jin Hyok is part of the conspiracy responsible for conducting, among others, the February 2016 cyber-enabled fraudulent transfer of $81 million from Bangladesh Bank, the ransomware used in the May 2017 “WannaCry 2.0” cyber-attack, and the November 2014 cyber-attack on Sony Pictures Entertainment.  Park Jin Hyok worked for Chosun Expo Joint Venture (a.k.a Korea Expo Joint Venture or “KEJV”), which OFAC is simultaneously sanctioning today for being an agency, instrumentality, or controlled entity of the Government of North Korea.  Park Jin Hyok and his co-conspirators operated from North Korea, China, and elsewhere to perpetrate these malicious activities.

Today’s sanctions were taken pursuant to Executive Order (E.O.) 13722 of 2016, and they further the intent of Congress as set forth under the North Korea Sanctions and Policy Enhancement Act of 2016.  As a result of today’s action, any property or interests in property of the designated persons in the possession or control of U.S. persons or within the United States must be blocked, and U.S. persons generally are prohibited from dealing with the designated persons.

North Korea has demonstrated a pattern of disruptive and harmful cyber activity that is inconsistent with the growing consensus on what constitutes responsible state behavior in cyberspace.  Our policy is to hold North Korea accountable and demonstrate to the regime that there is a cost to its provocative and irresponsible actions.

Identifying information on the entity and individual sanctioned today

####