US Sanctions North Korean Entities Training Expat IT Workers in Russia, China and Laos
Illicit North Korean IT workers send the money they made from abroad to fund Kim’s regime, US Treasury Department said
Sanctions shape cybersecurity by restricting transactions, technology access, and support linked to cyber operations and critical infrastructure risks.
Search across headline titles and summaries.
Background for this topic.
Sanctions are legal restrictions imposed by governments or international bodies on dealings with specified countries, organizations, individuals, or activities. They can limit payments, exports, imports, access to services, or provision of technical assistance; the exact prohibitions, exceptions, and licensing rules depend on the relevant jurisdiction. Cyber-related designations may identify operators, companies, or intermediaries linked to malicious activity, but sanctions are legal measures rather than technical indicators of compromise.
For security practitioners, sanctions create operational requirements around counterparties and technology flows. Organizations may need to screen customers, suppliers, service providers, and payment recipients, including aliases and ownership links, and restrict access or support where law requires. Export-control and sanctions rules can also affect distribution of cryptographic products, exploit research, cloud services, and incident-response assistance. Threat intelligence can help map sanctioned entities and evasion networks, while vulnerability-management and response teams should preserve records showing who received software, credentials, or technical help. Because lists and licensing conditions change, automated controls need human review and documented escalation rather than treating a name match as conclusive.
Illicit North Korean IT workers send the money they made from abroad to fund Kim’s regime, US Treasury Department said
The Treasury Department's Office of Foreign Assets Control (OFAC) announced sanctions today against four entities and one individual for their involvement in illicit IT worker schemes and cyberattacks generating revenue to finance North Korea's weapons development programs. [...]