President Donald Trump meets with North Korean leader Kim Jong Un at the demilitarized zone separating the two Koreas, in Panmunjom, South Korea, June 30, 2019. Kevin Lamarque | Reuters

The U.S. Treasury Department said Friday that North Korean state-sponsored hacking groups attacked critical infrastructure, drawing illicit funds that ultimately funded the country's weapons and missile programs. The groups launched ransomware campaigns among other types of attacks, according to Treasury's announcement. The direct link to North Korea's missile program creates further ethical hurdles for companies, insurers and municipalities that must decide whether or not to pay ransoms to criminal groups that have locked up their files. Treasury says three hacking groups are "responsible for North Korea's malicious cyber activity on critical infrastructure." The groups were sanctioned by Treasury's Office of Foreign Assets Control. One of the groups was responsible for the infamous WannaCry ransomware attacks of 2017, which cost companies and governments hundreds of millions of dollars.

"Treasury is taking action against North Korean hacking groups that have been perpetrating cyber attacks to support illicit weapon and missile programs," Sigal Mandelker, Treasury under secretary for terrorism and financial intelligence, said in the release. "We will continue to enforce existing U.S. and UN sanctions against North Korea and work with the international community to improve cybersecurity of financial networks," Mandelker said.

Ethics of ransomware

The three hacking groups — known as "Lazarus Group," "Bluenoroff," and "Andariel" — are controlled by North Korea through their relationship to a United Nations-designated intelligence bureau, according to Treasury. The Lazarus Group's WannaCry attacks two years ago caused widespread havoc globally, shutting down hospitals and ambulances run by Britain's National Health Service, halting car manufacturing by companies like Nissan and Renault and stopping shipments by FedEx, among numerous other companies. Bluenoroff has stolen more than $1 billion from global financial institutions since 2014 through a variety of tactics, including attacks against the SWIFT messaging system. Anadriel "was observed by cyber security firms attempting to steal bank card information by hacking into ATMs to withdraw cash or steal customer information to later sell on the black market," according to Treasury.

The move is another step in the federal government's initiatives to identify the financial trail of cybercrimes, particularly those perpetrated by hostile nations. The fact that these illicit funds were used for North Korea's weapons programs will put further ethical pressure on any organization dealing with breaches or ransomware. A recent ProPublica investigation called into question the ethics of paying ransom demands or even having insurance products that cover the costs of the ransom, when the funds may be going into the hands of criminals or, in these cases, North Korea's military.

The Trump-Kim relationship