
Kim Jong Un’s cyber operatives are at it again, allegedly targeting U.S. hospitals and NASA. Just when you thought your medical records were safe, along comes a hacker. But don’t worry, Uncle Sam’s got something to say about it.
The Indictment
The U.S. Department of Justice has indicted Rim Jong Hyok, a North Korean military intelligence operative, for allegedly conducting ransomware attacks on American hospitals. An FBI agent, Stephen A. Cyrus, suggests this isn’t just another run-of-the-mill cyber attack; it’s part of a broader strategy by North Korea to fund its nefarious activities and circumvent international sanctions.
Hyok, a member of the hacking crew Andariel (affiliated with North Korea’s Reconnaissance General Bureau), didn’t stop at healthcare facilities, authorities say. His targets allegedly included U.S. Air Force bases, NASA, and even defense contractors in South Korea and Taiwan. Talk about having your fingers in too many pies.
The Scope of the Attacks
The scale of these cyber attacks is staggering. Hyok and his team are accused of exfiltrating over 30 gigabytes of unclassified technical information from a U.S. defense contractor. This isn’t just about stealing patient data; we’re talking about military aircraft details, satellite communications, and radar systems.
The Money Trail
The ransom payments from these attacks were allegedly laundered through Hong Kong facilitators and converted into Chinese yuan. According to reports, this dirty money was then used to procure virtual private servers for further espionage activities. It’s a vicious cycle of crime funding more crime.
“While North Korea uses these types of cyber crimes to circumvent international sanctions and fund its political and military ambitions, the impact of these wanton acts have a direct impact on the citizens of Kansas,” Cyrus said.
Federal investigators traced these ransom payments to Hong Kong residents and a Chinese bank, shining a light on the international nature of these cyber crimes.
The Impact and Implications
The alleged attacks on U.S. hospitals disrupted patient care and compromised sensitive files. But the damage doesn’t stop there. Authorities say NASA’s computer system was accessed for over three months, resulting in the extraction of extensive unclassified data.
Allan Liska, Recorded Future analyst, said the indictment is not likely to lead to an arrest, but rather sanctions to prevent North Korea from pulling off these types of ransoms. “Now, unfortunately, that will force them to do more cryptocurrency theft,” Liska explained. “So it’s not going to stop their activity. But the hope is that we won’t have hospitals disrupted by ransomware attacks because they’ll know that they can’t get paid.”
This indictment sends a clear message to North Korea and other state-sponsored hackers. However, it also highlights the need for increased cybersecurity measures across all sectors, from healthcare to aerospace.
Sources
- North Korean Hacker Charged for Ransomware Attacks on US Hospitals, Air Force, NASA
- U.S. DoJ Indicts North Korean Hacker for Ransomware Attacks on Hospitals
- North Korean charged in cyberattacks on US hospitals, NASA and military bases
- U.S. charges North Korean man with cyberattacks on NASA
- North Korean charged in ransomware attacks on NASA, U.S. hospitals; $10 million reward offered
- North Korean charged in ransomware attacks on American hospitals
More from Around the Web
Kim Jong Un does an inspection of flooding near the border with China.