NewsU.S. indicts, offers $10 million reward for North Korean hacker

U.S. indicts, offers $10 million reward for North Korean hacker

The United States indicted North Korean hacker Rim Jong Hyok for cyberattacks targeting defense secrets, the Justice Department said Thursday. Photo courtesy of FBI

July 26 (UPI) — The United States indicted a North Korean hacker for cyberattacks that helped steal military and nuclear secrets and offered a $10 million reward for information about him, multiple agencies announced Thursday.

Rim Jong Hyok was charged for his involvement in a conspiracy to “hack and extort U.S. hospitals and other healthcare providers, launder the ransom proceeds and then use these proceeds to fund additional computer intrusions into defense, technology and government entities worldwide,” the Justice Department said in a statement.

Rim and his co-conspirators allegedly worked for North Korean intelligence agency Reconnaissance General Bureau in a hacker collective known by various names including Andariel, Onyx Sleet and APT45.

According to the indictment, Andariel victimized five healthcare providers, four U.S.-based defense contractors, two U.S. Air Force bases and NASA’s Office of Inspector General.

“The Andariel actors stole terabytes of information, including unclassified U.S. government employee information, old technical information related to military aircraft, intellectual property and limited technical information pertaining to maritime and uranium processing projects,” the Justice Department said.

The operation also infiltrated networks and stole data from Taiwanese and South Korean defense contractors and a Chinese energy company.

Andariel hacked into multiple U.S. hospitals and healthcare providers’ computer networks and encrypted the servers responsible for health records, diagnostics and imaging services, the indictment said. After the attacks, the hackers demanded the victims pay a fee to restore access.

In one case, the group sent a ransom note to a Kansas hospital demanding roughly $100,000 in Bitcoin.

“Otherwise all of your files will be posted in the Internet, which may lead you to loss of reputation and cause the troubles for your business,” the note read. “Please do not waste your time! You have 48 hours only! After that the Main server will double your price.”

“Today’s indictment underscores our commitment to protecting critical infrastructure from malicious actors and the countries that sponsor them,” U.S. Attorney for the District of Kansas Kate Brubacher said. “Rim Jong Hyok and those in his trade put people’s lives in jeopardy. They imperil timely, effective treatment for patients and cost hospitals billions of dollars a year.”

The Justice Department and the FBI also announced the recovery of $114,000 in virtual currency from the ransomware attacks and related money laundering transactions, as well as the seizure of online accounts used by the co-conspirators.

Rim’s last known location was in North Korea, where he worked at the Reconnaissance General Bureau’s offices in Pyongyang and Sinuiju, the indictment said.

On Thursday, the U.S. State Department offered a reward of up to $10 million for information leading to his location or identification.

In addition, U.S., South Korean and British government security agencies released a cybersecurity advisory outlining Andariel’s ransomware tactics and warning that North Korea is conducting a global espionage campaign “to advance the regime’s military and nuclear programs and ambitions.”

It was co-authored by the FBI,

 » …

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Subscribe Today

GET EXCLUSIVE FULL ACCESS TO PREMIUM CONTENT

SUPPORT NONPROFIT JOURNALISM

EXPERT ANALYSIS OF AND EMERGING TRENDS IN CHILD WELFARE AND JUVENILE JUSTICE

TOPICAL VIDEO WEBINARS

Get unlimited access to our EXCLUSIVE Content and our archive of subscriber stories.

Exclusive content

Latest article

More article