Officials say the move reflects growing concern over the scale of North Korea’s cyber-enabled activities, including cryptocurrency theft, fraudulent IT schemes, and espionage efforts used to bankroll its weapons development.

Australia has imposed sanctions on several North Korean hacking groups and individuals linked to major global cyberattacks, including the Lazarus Group, Andariel, and Kimsuky.

The Lazarus Group, active for more than 15 years, is widely believed to be behind the 2014 Sony Pictures hack and the 2017 WannaCry ransomware attack.

Among those sanctioned is Park Jin Hyok, a computer programmer allegedly associated with the group. Hyok is accused of involvement in the Sony, WannaCry and Bangladesh Bank cyberattacks and is believed to be residing in North Korea.

Australia also sanctioned Chosun Expo, a front company reportedly employing Hyok. The United States first sanctioned Hyok in 2018, and the Australian measures now extend similar restrictions to his affiliated entities.

A Lazarus sub-group known as Andariel—or Advanced Persistent Threat 45—was also targeted. The group is accused of conducting cyber-espionage campaigns against defence, aerospace, nuclear, and engineering organisations worldwide.

Another sanctioned entity, Kimsuky, has focused on intelligence-gathering operations against South Korean government agencies, think tanks, and foreign policy experts.

The move coincides with fresh actions by the U.S. Treasury’s Office of Foreign Assets Control (OFAC), which has also announced sanctions targeting North Korean hackers and associated entities.

According to the Multilateral Sanctions Monitoring Team’s (MSMT) second report, UN-sanctioned North Korean entities remain deeply involved in malicious cyber activity.

The report found that North Korean hackers stole at least $1.9 billion in cryptocurrency from global companies in 2024, laundering the funds through an international network of North Korean nationals and foreign intermediaries.

It also revealed that North Korean officials have used cryptocurrencies to trade military equipment and raw munitions materials such as copper.

Australia’s action aligns with measures taken by the United States, forming part of a broader international effort to disrupt North Korea’s illicit revenue streams and address its ongoing threat to regional and global security.

In a statement, the Government reaffirmed its commitment to working alongside international partners to counter malicious cyber activity, strengthen responsible state behaviour in cyberspace, and protect Australians from emerging digital threats.

Minister for Foreign Affairs, Senator Wong said, “We call on North Korea to comply fully with United Nations Security Council (UNSC) resolutions to abandon its unlawful weapons of mass destruction and ballistic missile programs in a complete, verifiable and irreversible manner.

“We encourage all Australians to be vigilant about their cyber security, and be aware that payments to entities and individuals listed under Australia’s autonomous sanctions framework could result in action by law enforcement agencies,” she said.

Australia’s latest sanctions send a clear signal that cybercrime used to finance North Korea’s weapons programs will not be tolerated.

By targeting the financial networks behind these operations, Canberra is reinforcing its commitment to global security and the integrity of international cyber norms