US indicts North Korean hacker accused of helping extort US hospitals
Rim Jong Hyok is part of a group of hackers working for North Korea’s military intelligence agency that uses ransoms collected from health care providers to fund further hacking operations against US government agencies and contractors, the US government alleges.
The hacks of health care providers locked up medical records and disrupted health care services in the US, US officials said. The North Korean hackers’ victims included hospitals in Florida and Kansas, health care firms in Arkansas and Connecticut, and a medical clinic in Colorado, according to the indictment unsealed in the US District Court for the District of Kansas.
The State Department offered a reward of up to $10 million reward for information on Rim.
US, South Korean and British government security agencies also on Thursday released information on the North Korean hackers’ tactics and warned that the hackers were targeting classified and other sensitive information at nuclear, aerospace and other sectors to advance Pyongyang’s military and nuclear programs.
One hack in 2022 carried out by the North Korean group against a US defense contractor led to the theft of reams of sensitive data, including material used in military aircraft and satellites, according to the State Department. Much of the stolen information was from 2010 or earlier, the department said.
North Korean hackers have stolen billions of dollars from banks and cryptocurrency firms over the last several years, providing a key source of revenue for the regime, according to reports from the United Nations and private firms.
Thwarting North Korean hacking and money laundering has become a national security priority for the Biden administration. About half of North Korea’s missile program has been funded by cyberattacks and cryptocurrency theft, a White House official said last month.
CNN previously reported on how South Korean spies and American companies try to intercept cryptocurrency stolen by North Korean hackers. Another CNN investigation identified one cryptocurrency entrepreneur who said his firm had unwittingly sent a North Korean IT worker tens of thousands of dollars.
The US government accused North Korean hackers of using funds from ransom payments to fuel their cyber attacks on US government agencies and contractors, highlighting the political implications of such activities.
Thwarting North Korean hacking and money laundering has become a crucial aspect of the Biden administration's national security strategy, given that about half of North Korea's missile program is reportedly funded by cyberattacks and cryptocurrency theft.
