A North Korean man has been accused of carrying out cyberattacks for the North Korean military in the United States. The man has been indicted in a conspiracy to hack US healthcare providers, military bases, and NASA.
The North Korean man has been identified as Rim Jon Hyok and was indicted by a grand jury in Kansas City.
The main accusations Hyok faces relate to money laundering. The illicit funds were used to fund computer servers and subsequently carry out cyber attacks against US cybernetic infrastructure.
North Korean cyberattacks on US soil
Hyok, a North Korean agent on US soil, has been accused of attacking 11 US entities. His most notorious attack was on American hospitals.
These cyberattacks successfully disrupted the treatment of patients in hospitals. However, this was not Hyok’s main mission.
Hyok, alongside North Korean hacking support, gained access to more than three months of NASA’s computer systems. According to the indictment, the North Korean-backed hackers extracted over 17 gigabytes of NASA data.
They also had access to data from defense companies in Michigan and California as well as two US Air Force bases in Texas and Georgia.
Authorities had offered $10 million for information that could lead to Hyok
Records made public by the court showed that Hyok did not have a listed attorney. What they did show, however, was that Hyok had lived in North Korea and had worked for two intelligence offices. This made him a member of the Andariel Unit of the North Korean government’s Reconnaissance General Bureau.
His record and the danger he posed to America led US authorities to offer a reward of $10 million for information that would lead to the North Korean hacker.
The court also found the North Korean hacker held a Kansas hospital’s data for ransom. One of Hyok’s most disruptive attacks was encrypting the files and servers of a hospital in the state.
The hospital ended up paying $100,000 in Bitcoin to get their data back. The exact same attack was carried out on a Colorado healthcare provider.
The hospitals and medical providers that were targeted in the attacks alerted authorities, and the FBI took charge of the case. It was able to seize the hacking group’s accounts.
Additionally, law enforcement officials seized control of over $600,000 from the proceeds of the North Korean cyberattacks. Authorities have stated that these funds will be returned to victims.
The Justice Department: North Korean cyberattacks differ from those of Russia and China
Since Hyok’s indictment, the United States Justice Department has explained that North Korean cyberattacks are usually spurred by motivations that are different from those of Russian and Chinese cyber attacks.
The justice department has explained that most North Korean cyberattacks are more often than not motivated by financial reasons.
In contrast, Chinese and Russian attacks have clear political purposes. Such an example was the Russian disruption of the 2016 United States general election. In 2016, the Russians used several cyberattack strategies, such as “Troll Farms” and bots, to spread divisive content on Hillary Clinton and Donald Trump.
They also targeted the Democratic National Committee, leaking sensitive information from the organization and Clinton’s campaign manager John Podesta to WikiLeaks.