Following North Korea’s launch of a spy satellite last week, the US targeted the country with new penalties on Thursday. It accused foreign-based agents of helping North Korea evade sanctions in order to obtain money and technology for its WMD development.
In a statement, the U.S. Treasury Department claimed that sanctions had also been imposed on the cyberespionage group Kimsuky, charging it with gathering intelligence to further the strategic and nuclear aspirations of North Korea.
Thursday’s action, taken in coordination with Australia, Japan and Korea, comes after North Korea last week successfully launched its first reconnaissance satellite, which it has said was designed to monitor U.S. and South Korean military movements.
“Today’s actions by the United States, Australia, Japan, and the Republic of Korea reflect our collective commitment to contesting Pyongyang’s illicit and destabilizing activities,” Treasury’s Under Secretary for Terrorism and Financial Intelligence, Brian Nelson, said in the statement.
“We will remain focused on targeting these key nodes in the DPRK’s illicit revenue generation and weapons proliferation,” Nelson added, calling North Korea by the initials of its official name, the Democratic People’s Republic of Korea.
South Korea’s foreign ministry said on Friday that it had blacklisted 11 North Koreans for involvement in the country’s satellite and ballistic missile development, banning them from any financial transactions.
The list includes senior officials from the National Aerospace Technology Administration, which oversaw the satellite launch, and the munitions industry department.
North Korea’s mission to the United Nations in New York did not immediately respond to a request for comment on Thursday’s sanctions.
Since the launch of the satellite, North Korea said that its leader, Kim Jong Un, has reviewed spy satellite photos of the White House, Pentagon and U.S. aircraft carriers at the naval base of Norfolk. Its state media has also reported that the satellite photographed cities and military bases in South Korea, Guam, and Italy, in addition to Washington.
On Monday, the United Nations ambassadors of the United States and North Korea sparred at the Security Council over the launch and the reasons for growing tensions in a rare, direct, public exchange between the adversaries.
Thursday’s action freezes any U.S. assets of those targeted and generally bars Americans from dealing with them. Those who engage in certain transactions with them also risk being hit with sanctions.
The Treasury said Kimsuky primarily uses spear-phishing to target people employed by the government, research centers, academic institutions and others, including in Europe, Japan, Russia, South Korea and the United States.
In October 2020, the U.S. Cybersecurity and Infrastructure Agency (CISA) described the group as “likely tasked by the North Korean regime with a global intelligence gathering mission.”
Security researchers have found the group impersonating reporters to trick targets into downloading malicious software to spy on them. Kimsuky’s hacking operation has been historically focused on South Korea, Japan and the United States.
In June, the U.S. National Security Agency said the hackers, which have been operating since at least 2012, were “subordinate to an element within North Korea’s Reconnaissance General Bureau (RGB).” The RGB is a North Korean intelligence agency that is involved in cyber warfare activities, according to analysts, and is under U.S. sanctions.
Also targeted on Thursday were Iran and China-based representatives of U.S. and UN-designated Green Pine, which the Treasury said is responsible for half of North Korea’s arms and related materiel exports.
Two Russia-based representatives of North Korean banks and one China-based representative were also hit with sanctions, among others.