U.S. Sanctions North Korean Cyber Threats
The United States is imposing sanctions on Song Kum Hyok, a North Korean cyber actor associated with the U.S.-designated North Korea hacking group Andariel. Song was involved in in malicious cyber-enabled activities, which included an illicit information technology (IT) worker scheme. He is also linked to an attempted hack of the U.S. Department of the Treasury. We are also imposing sanctions on Russia-based facilitator Gayk Asatryan and four entities – two Russian and two North Korean – all involved in deploying IT workers internationally to generate revenue for the North Korean government.
The Democratic People’s Republic of Korea deploys IT workers who obfuscate their identities, often through identity theft of U.S. persons, to fraudulently obtain employment at unwitting foreign firms. The North Korea regime uses revenue generated by these workers to support its unlawful weapons of mass destruction and ballistic missile programs.
Today’s sanctions are part of the U.S. government’s efforts to combat North Korean cyber espionage and revenue generation. We will continue to take action against malicious cyber actors who attempt to undermine U.S. national security or the U.S. financial sector.
The U.S. Department of State’s Rewards for Justice program (RFJ) is offering a reward of up to $10 million for information leading to the identification or location of any person who, while acting at the direction or under the control of a foreign government, engages in certain malicious cyber activities against U.S. critical infrastructure in violation of the Computer Fraud and Abuse Act. RFJ is also offering a reward of up to $5 million for information leading to the disruption of financial mechanisms of persons engaged in certain activities that support North Korea, including the exportation of its workers to generate revenue.
https://www.state.gov/releases/office-of-the-spokesperson/2025/07/sanctioning-malicious-north-korean-cyber-actors/