
A North Korean military intelligence officer named Rim Jong Hyok was indicted on Thursday by a federal grand jury in Kansas City, Kansas, for allegedly hacking into several American and international institutions, including health care providers, Nasa, US military bases, and security and electricity companies in China, Taiwan, and South Korea.
The indictment accuses Hyok of using ransom payments to buy equipment for future cybercrime and of stealing sensitive data. According to an Associated Press report, he is also accused of laundering cash through a Chinese bank to buy computer servers and to finance further attacks on defense, technology, and government targets around the world.
According to federal prosecutors, Hyok, along with other members of the Andariel Component of North Korea’s Reconnaissance General Bureau, targeted 17 institutions across 11 US states, including Nasa and US military bases, as well as security and electricity companies in China, Taiwan, and South Korea. According to the indictment, these hacks on American hospitals and other health care providers hampered patient care. Additionally, they hacked into the computer systems of defense firms in Michigan and California, as well as Texas’s Randolph Air Force Base and Georgia’s Robins Air Force Base.
The stolen data, which included information on fighter aircraft, missile defense systems, satellite communications, and radar systems, was reportedly sent to North Korean military intelligence to aid the country’s military and nuclear ambitions. According to Stephen A. Cyrus, an FBI agent based in Kansas City, these wanton acts have a direct impact on the citizens of Kansas, while North Korea uses these types of cybercrimes to circumvent international sanctions and fund its political and military ambitions.
Rim Jong Hyok, who has resided in North Korea and worked at the military intelligence agency’s offices in Pyongyang and Sinuiju, is still at large. An attorney for him is not listed in online court records. For information that leads to him or other foreign government operatives attacking critical US infrastructure, a reward of up to $10 million is being offered.
The Justice Department has prosecuted numerous cases involving North Korean hacking, frequently highlighting a profit-driven motive that sets these cybercriminals apart from those in Russia and China. For instance, three North Korean computer programmers were charged with a number of hacks in 2021, including a devastating attack on an American film studio and attempts to extort more than $1.3 billion from banks and businesses around the world.
A Kansas medical center hit in May 2021 issued an alert to the FBI regarding Hyok’s activities. Hackers had encrypted files and servers, preventing access to patient files, laboratory test results, and computers necessary for hospital operations. The same Maui ransomware variant also had an impact on a Colorado health care provider.
A ransom note sent to a hospital in Kansas requested payment to a designated cryptocurrency address, and Bitcoin payments worth roughly $100,000 were then sent.
“Otherwise, all of your files will be posted online, which could cause problems for your company and reputation. Please do not waste your time! You have 48 hours only! The Main server will then double your purchase price.”
Federal investigators followed the ransom payment on the blockchain. The Bitcoin was transferred by an unnamed co-conspirator to a virtual currency address shared by two Hong Kong residents. It was converted into Chinese currency and then transferred to a Chinese bank. According to court records, the money was then accessed from an ATM in China close to the Sino-Korean Friendship Bridge.
In 2022, the Justice Department stated that the FBI seized about $500,000 in ransom payments from money laundering accounts. This included the entire ransom payment made to the Kansas hospital.
Analysts suggest Hyok’s arrest is unlikely. However, the indictment may lead to sanctions that could hinder North Korea’s ability to collect ransoms. This may reduce its motivation to launch cyberattacks on organizations like hospitals in the future, according to Allan Liska, a cybersecurity analyst at Recorded Future.
“Now, unfortunately, that will force them to do more cryptocurrency theft. So it’s not going to stop their activity. However, the hope is that hospitals that have been hacked by ransomware because they will be aware that they can’t get paid,” Liska said.
He also made the point that one of the victims was a Chinese company and that he was unsure of how China, a North Korean ally, would respond to being targeted.
“China can’t be too thrilled about that,” he said.