October 21, 2021

New Rule From US Commerce May Help Limit Spread of North Korean Cybercrime

By: Jason Bartlett

The U.S. Commerce Department recently announced a new rule barring the export and resale of cyber “intrusion software” and equipment to China and Russia without a proper license from the U.S. Bureau of Industry and Security (BIS). It will apply to any intrusion software, including defensive products, being sold to any Chinese or Russian person regardless of whether they are affiliated with the government or not. Set to come into effect in 90 days, the rule will likely impact the operations of not only Chinese and Russian cybercriminals, but also the North Korean Lazarus Group, which conducts offensive cyber operations against foreign states, often with the assistance of Chinese or Russian groups.

As sanctions tighten in other areas, such as the commodities trade, North Korea continues to compensate for its monetary losses with funds obtained through illicit cyber activity.

While intrusion software is critical for penetration testing, which allows cybersecurity analysts to discover and patch existing system vulnerabilities, malicious actors have leveraged the sale and distribution of such technology to proliferate global cybercrimes. North Korea, in particular, has successfully incorporated cyber-enabled financial crime within its proliferation finance modus operandi for years as it provides an inexpensive and low-risk way to evade U.S. and U.N. economic sanctions. As sanctions tighten in other areas, such as the commodities trade, North Korea continues to compensate for its monetary losses with funds obtained through illicit cyber activity. These money-generating attacks range from basic data breaching tactics such as email phishing to more advanced forms of cyber-enabled financial crime including online bank heists, hacking of cryptocurrency transactions, and distributing ransomware.

Read the full article from The Diplomat.

More from CNAS

  • Commentary
    • Lawfare
    • December 13, 2024
    Our Man in Damascus? Sanctions and Governance in Post-Assad Syria

    The complexity of the legal and policy issues presented by the sanctions thicket surrounding Syria—and the disparate authorities responsible for various parts of it—will requi...

    By Alex Zerden

  • Video
    • December 13, 2024
    Ziemba: Russia & Iran Concentrating on Own Battles

    The rebel-led alliance in Syria is set to form a transitional government, after overthrowing President Bashar Al Assad. Reports say the reason the Assad regime fell so quickly...

    By Rachel Ziemba

  • Commentary
    • December 12, 2024
    Sharper: Tariffs

    The incoming Trump administration has signaled that tariffs will be a central pillar of its economic strategy, with significant implications for international trade, the Ameri...

    By Eleanor Hume, Charles Horn & Gwendolyn Nowaczyk

  • Podcast
    • December 12, 2024
    Taking Trump’s Tariffs Threats Seriously

    Join Emily and Geoff to catch up on a whole bunch of economic security news, including the ill fated Nippon Steel / U.S. Steel deal, new chips export controls, and TikTik’s ba...

    By Emily Kilcrease & Geoffrey Gertz

View All Reports View All Articles & Multimedia