Additionally, OFAC sanctioned cyber espionage group Kimsuky for gathering intelligence to support the DPRK’s strategic objectives. Active since 2012, Kimsuky is subordinate to the UN- and U.S. designated Reconnaissance General Bureau (RGB), the DPRK’s primary foreign intelligence service. On August 30, 2010, OFAC designated the RGB by adding it to the annex of E.O. 13551. OFAC subsequently re-designated the RGB on January 2, 2015 pursuant to E.O. 13687 for being a controlled entity of the Government of North Korea. Malicious cyber activity associated with the Kimsuky advanced persistent threat is also known in the cybersecurity industry as APT43, Emerald Sleet, Velvet Chollima, TA406, and Black Banshee.
Although Kimsuky is primarily an intelligence collection entity, its cyber espionage campaigns directly support the DPRK’s strategic and nuclear ambitions. Kimsuky primarily uses spear-phishing to target individuals employed by government, research centers, think tanks, academic institutions, and news media organizations, including entities in Europe, Japan, Russia, South Korea, and the United States. Kimsuky employs social engineering to collect intelligence on geopolitical events, foreign policy strategies, and diplomatic efforts affecting its interests by gaining illicit access to the private documents, research, and communications of their targets.
Kimsuky is being designated pursuant to E.O. 13687, for being an agency, instrumentality, or a controlled entity of the Government of North Korea.
• https://ofac.treasury.gov/faqs/topic/1556
460. Can U.S. persons do business with entities in North Korea?
No. Unless authorized pursuant to a general or specific license from OFAC and/or BIS, Executive Order (E.O.) 13722 prohibits new investment in North Korea by a U.S. person and the exportation or reexportation, from the United States, or by a U.S. person, of any goods, services, or technology to North Korea. E.O. 13810 (“Imposing Additional Sanctions with Respect to North Korea”) does not modify any of those prohibitions.
Official Information
On January 2, 2015, the President issued E.O. 13687 pursuant to, inter alia, IEEPA and the NEA, to take additional steps to address the national emergency declared in E.O. 13466 and expanded in E.O. 13551. E.O. 13687 provides for the blocking of property and interests in property of certain persons with respect to North Korea.
