US sanctions DPRK parties for cyberattacks

The US Department of the Treasury’s Office of Foreign Assets Control (‘OFAC’) has issued sanctions against one individual and one entity linked to state-backed cyberattacks by North Korea (‘DPRK’). The individual, North Korean computer programmer Park Jin Hyok, is also subject to criminal charges from the US Department of Justice (‘DoJ’).

OFAC has accused Jin Hyok of ‘undermining cybersecurity through the use of computer networks or systems against targets outside of North Korea on behalf of the Government of North Korea or the Workers’ Party of Korea.’ He is suspected of involvement in the fraudulent transfer of $81m from Bangladesh Bank; the ransomware used in the May 2017 ‘WannaCry 2.0’ cyber-hack; and the November 2014 cyber-attack on Sony Pictures Entertainment in response to the proposed release of the film ‘The Interview’, a comedy that depicted the assassination of the DPRK’s leader. The Sony hack exposed compromising emails and the personal details of Hollywood’s biggest stars.

Chosun Expo Joint Venture (also known as Korea Expo Joint Venture (‘KEJV’)), for which Jin Hyok worked for a decade, has also been sanctioned.

The sanctions were imposed under Executive Order 13722 of 2016.

OFAC’s notice can be found here:
https://www.treasury.gov/resource-center/sanctions/OFAC-Enforcement/Pages/20180906_33.aspx

The Treasury press release can be found here:
https://home.treasury.gov/index.php/news/press-releases/sm473

The DoJ press release can be found here:
https://www.justice.gov/opa/pr/north-korean-regime-backed-programmer-charged-conspiracy-conduct-multiple-cyber-attacks-and