U.S. Sanctions North Korea Defense Agencies, Individuals in Sony Hack

President Obama signed an Executive Order sanctioning three North Korea defense agencies and 10 individuals for the country’s alleged role in the Sony hack.

President Obama today signed an Executive Order authorizing sanctions against North Korea for its alleged involvement in the Sony hack.

The FBI on Dec. 19 formally blamed the hack on the North Korean government; the attack destroyed workstations and resulted in the loss of employee personal and health care data, as well as the loss of business records, email conversations, leaked scripts and leaked unreleased full length movies.

“This E.O. is a response to the Government of North Korea’s ongoing provocative, destabilizing, and repressive actions and policies, particularly its destructive and coercive cyber attack on Sony Pictures Entertainment,” said White House press secretary Josh Earnest in a statement.

The Executive Order targets 10 individuals and three organizations close to the North Korean government.

“We take seriously North Korea’s attack that aimed to create destructive financial effects on a U.S. company and to threaten artists and other individuals with the goal of restricting their right to free expression,” the White House statement said, adding that this is just the first salvo in the U.S. government’s promised proportional response to the Sony hack, which began before Thanksgiving.

Security experts, however, have also been vocal about their skepticism that North Korea was behind the Sony hack. Different theories have emerged in the weeks since the hack was disclosed, including a report on Monday from security firm Norse, which redirected attention to a group of former insiders working with hacktivists. A report from Gotnews.com also shied away from North Korea in its analysis of some of the timestamps of stolen data, equating the transfer speed to USB 2.0 which would lead to an insider as well.

Earlier this week, The Intercept reported that it was in possession of an FBI bulletin warning that the Sony hackers were also targeting a news media organization in the U.S. The joint intelligence bulletin, penned by the FBI and Department of Homeland Security alluded to Pastebin messages that taunted the new outlet for its coverage and implied a threat, the bulletin said.

Sony has been under siege since Nov. 24 when employee workstations were rendered useless by a wiper malware attack. Threats then surfaced from a hacker group calling themselves the Guardians of Peace promising more attacks and a 9/11-style terrorist attack against theaters showing the comedy movie The Interview, a satire depicting the assassination of North Korean leader Kim Jong-Un. Since then, Sony has been subjected to numerous data leaks including unreleased movies and scripts made available online, to embarrassing email exchanges between executives, to the personal health care and contact information of employees released to Pastebin.

Before the Christmas holiday, North Korea suffered a DDoS attack that kept much of the country offline for up to 10 hours. Experts were skeptical that it was a state-sponsored attack.

Today’s Executive Order adds further sanctions against North Korea and specifically deny named entities and individuals the ability to conduct transactions with the U.S. financial system or have access to funds stored therein.

Specifically called out were the Reconnaissance General Bureau, the country’s primary intelligence agency; the Korea Mining Development Trading Corporation, the country’s primary arm’s dealer and exporter; and the Korea Tangun Trading Corporation, responsible for procuring technology in support of the country’s military defense research and development programs, the U.S. Treasury Department said.

In addition, the 10 individuals called out in today’s order are officials of the North Korean government with some acting as government representatives in Namibia, Russia, Iran and Syria.

“The actions taken today under the authority of the President’s new Executive Order will further isolate key North Korean entities and disrupt the activities of close to a dozen critical North Korean operatives,” said Secretary of the Treasury Jacob J. Lew. “We will continue to use this broad and powerful tool to expose the activities of North Korean government officials and entities.”

Suggested articles

Discussion

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.