U.S. Strikes at the Heart of DPRK’s Digital Black Market — Targeting Bankers, Tech Bosses, and Sanctions Evasion Networks

By Oluchi Omai  

In a sharp move aimed at choking the financial lifelines of North Korea’s shadow economy, the United States has slapped sanctions on two entities and eight individuals tied to the Democratic People’s Republic of Korea (DPRK), accused of laundering money from cybercrime and illicit overseas IT work to fund the regime’s weapons ambitions.

Among those targeted is Ryujong Credit Bank, a North Korean financial institution that allegedly funneled funds between China and the DPRK, dodging international sanctions in the process. Also named is Korea Mangyongdae Computer Technology Company, a state-linked IT firm operating out of North Korea, along with its president, U Yong Su. The company is accused of deploying North Korean IT workers abroad, particularly in China, where they pose as third-country nationals to earn hard currency while evading detection.

The Treasury Department also designated two North Korean bankers, Jang Kuk Chol and Ho Chong Son, both linked to the previously sanctioned First Credit Bank. According to U.S. officials, these individuals managed funds connected to a ransomware operation that once victimized American entities, a chilling reminder of how cybercrime and state agendas have become dangerously intertwined.

Five additional North Korean financial operatives, Ho Yong Chol, Han Hong Gil, Jong Sung Hyok, Choe Chun Pom, and Ri Jin Hyok, were also sanctioned for their roles in processing transactions that flout United Nations Security Council resolutions. Their actions, authorities say, helped keep Pyongyang’s financial networks alive despite global restrictions.

This enforcement action comes on the heels of a sobering October 22 report by the Multilateral Sanctions Monitoring Team (MSMT), which detailed how the DPRK continues to exploit cyber operations and disguised IT labor to generate revenue for its prohibited weapons programs. From cryptocurrency heists to covert software gigs overseas, these schemes aren’t just about survival; they’re strategic engines fueling North Korea’s ballistic missile and nuclear ambitions.

“The DPRK’s ability to blend into the global digital workforce while simultaneously launching cyberattacks is not just deceitful’s dangerous,” said a senior State Department official, speaking on background. “Every dollar laundered through these networks is a potential bullet in a missile.”

Today’s sanctions, issued under multiple executive orders including those targeting malicious cyber activity and North Korean proliferation, send a clear message: the U.S. and its allies are watching, and they’re willing to name names, freeze assets, and disrupt operations at the individual level.

As the international community grapples with the evolving tactics of authoritarian regimes in the digital age, actions like these underscore a growing consensus: economic pressure, precision targeting, and multilateral coordination remain vital tools in countering threats that transcend borders.

For families whose data was held hostage by ransomware, for companies compromised by state-backed hackers, and for a global financial system strained by sanctions, this isn’t just policy. It’s accountability, spelt out one designation at a time.