The US Department of Treasury has imposed sanctions on four entities and one individual involved in illicit revenue generation and malicious online activities to generate revenue for the Democratic People\u2019s Republic of Korea (North Korea).The entities and individuals sanctioned are the Pyongyang University of Automation, the Technical Reconnaissance Bureau, the 110th Research Center cybersecurity unit, Chinyong Information Technology Cooperation Company, and North Korean national Kim Sang Man, the US Department of State said in a press statement.\u00a0Sanctioned entities and individualThe Pyongyang University of Automation, Chinyong, Technical Reconnaissance Bureau, and the 110th Research Center are being designated for being agencies, instrumentalities, or controlled entities of the government of North Korea or the Workers\u2019 Party of Korea.Pyongyang University of Automation is one of North Korea\u2019s premier cybersecurity instruction institutions, which is responsible for training malicious cybersecurity actors, many of whom go on to work in cybersecurity units subordinate to the Reconnaissance General Bureau (RGB).RGB is North Korea\u2019s primary intelligence bureau and the main entity responsible for the country\u2019s malicious cybersecurity activities. The RGB was designated on January 2, 2015, for being a controlled entity of the government of North Korea, according to a press release by the US Department of Treasury.\u00a0The RGB-controlled Technical Reconnaissance Bureau and its subordinate cybersecurity unit, the 110th Research Center have also been sanctioned. The DPRK-based Technical Reconnaissance Bureau leads the DPRK\u2019s development of offensive cybersecurity tactics and tools and operates several departments, including those affiliated with the Lazarus Group, the Treasury Department said in the release.\u00a0\u00a0\u201cThe Lazarus Group was designated by OFAC on September 13, 2019, as an agency, instrumentality, or controlled entity of the Government of North Korea,\u201d the Department of Treasury said.\u00a0The 110th Research Center has conducted cyberattacks against networks worldwide, including in the US and the Republic of Korea (ROK). In 2013, the 110th Research Center conducted a campaign known as DarkSeoul, which destroyed thousands of financial sector systems and resulted in outages at the top three media companies in the ROK. Additionally, the 110th Research Center has stolen sensitive government information from the ROK related to its military defense and response planning, the Department of Treasury said.North Korea-based Chinyong Information Technology Cooperation Company (Chinyong), also known as Jinyong IT Cooperation Company, is associated with the UN and US-sanctioned Ministry of Peoples\u2019 Armed Forces. Chinyong, by way of companies under its control and their representatives, employs delegations of DPRK IT workers that operate in Russia and Laos, the Department of Treasury said.\u201cOne such representative of the Chinyong office located in Vladivostok, Russia, DPRK-national Kim Sang Man, is presumed to be involved in the payment of salaries to family members of Chinyong\u2019s overseas DPRK worker delegations,\u201d the Department of Treasury said.Kim is said to have been involved in the sale and transfer of IT equipment for the DPRK and, as recently as 2021, received cryptocurrency funds transfers from IT teams located in China and Russia that were valued at more than $2 million.\u00a0Kim has been affiliated with the US-designated Korea Computer Center and worked as an IT developer in the DPRK prior to being selected as an agent of the UN and US-designated RGB, in order to earn foreign currency.\u201cKim is being designated pursuant to E.O. 13810 for being a North Korean person, including a North Korean person that has engaged in commercial activity that generates revenue for the Government of North Korea or the Workers\u2019 Party of Korea,\u201d the Department of Treasury said.North Korea\u2019s malicious activitiesSanctions have been made against the entities\u2019 illicit activities to fund the North Korean government.\u00a0\u201cThe DPRK conducts malicious cyber activities and deploys information technology (IT) workers abroad who fraudulently obtain employment to generate revenue that supports the Kim regime,\u201d\u00a0the Department of Treasury said.The DPRK\u2019s extensive illicit cybersecurity and IT worker operations threaten international security by financing the DPRK regime and its dangerous activities, including its unlawful weapons of mass destruction (WMD) and missile programs, the Department of Treasury said.The action has been taken in coordination with the ROK, which is concurrently imposing sanctions against one entity and one individual associated with overseas DPRK IT workers. The other three entities were previously sanctioned by the ROK on February 10, for engaging in cyberattack operations and illicit revenue generation that support the DPRK\u2019s WMD programs.\u201cToday\u2019s Treasury action includes three targets that the ROK recently designated for engaging in cyber operations and illicit revenue generation that support the DPRK\u2019s WMD programs. We will not hesitate to continue holding the DPRK regime responsible for its actions,\u201d\u00a0the Department of Treasury said.DPRK cyberattack actors stole more virtual currency in 2022 than in any previous year, with estimates ranging from $630 million to over $1 billion \u2014 reportedly doubling Pyongyang\u2019s total cybertheft proceeds in 2021, according to a March 2023 UN Panel of Experts report.\u00a0The DPRK also maintains a workforce of thousands of highly skilled IT workers around the world, primarily located in the People\u2019s Republic of China and Russia, to generate revenue that contributes to its unlawful WMD and ballistic missile programs. In some cases, DPRK IT workers can earn more than $300,000 per year.\u00a0\u201cThe United States is steadfast in our commitment to combat the Democratic People\u2019s Republic of Korea\u2019s (DPRK) illicit activities to generate revenue by stealing funds from global financial institutions and other entities,\u201d the Department of Treasury said.