DOJ to charge North Korean officer for Sony hack and WannaCry ransomware

After charging Chinese, Iranian, and Russian cyberspies, US prepares indictment against North Korean officer.
Written by Catalin Cimpanu, Contributor

The US Department of Justice is expected to formally charge a North Korea officer in connection to the 2014 cyber-attack on Sony Pictures and WannaCry ransomware outbreak of 2017.

The man is supposedly named Pak Jin Hyok, according to a Washington Post report. The upcoming charges were first reported by ABC News.

Also: Cyberwar: What happens when a nation-state cyber attack kills?

Hyok is said to be an intelligence officer for the Reconnaissance General Bureau, North Korea's military intelligence agency.

He is also a suspected member of the notorious Lazarus Group, a shadowy hacking group linked to multiple cyber-attacks all over the world such as attacks against South Korean banks, military, and news agencies, attacks in neighboring countries such as China and Japan, and most recently against a string of banks and cryptocurrency exchanges.

Even prior to today's charges, previous reports from the cyber-security and real-world intelligence communities have linked the Lazarus Group to Bureau 121, a division of the Reconnaissance General Bureau, a North Korean intelligence agency part of the National Defence Commission.

Also: This is how it feels to face a major cyber attack

The damages caused by last year's WannaCry have been estimated at around $8 billion across over 150 countries, according to an IBM report.

The US Treasury Department is also expected to announce new economic sanctions against North Korea at the same time.

Earlier today, before news of the impending charge broke, President Donald Trump tweeted "Kim Jong Un of North Korea proclaims 'unwavering faith in President Trump.'"

This is also not the first time the US has charged foreign intelligence officers for major cyber-attacks.

In 2016, the DOJ charged nine Iranians with connections to the Iran military for cyber-attacks on US banks and a New York dam facility. The DOJ charged another group of Iranians in March 2018 for stealing data from 144 US universities.

Also: Defending against cyberwar: How the cybersecurity elite are working to prevent a digital apocalypse

In 2017, the US charged two hackers and two members of Russian intelligence for hacking Yahoo's servers and stealing the personal data of 500 million users back in 2014.

In 2017, the US charged three Chinese nationals for cyber-espionage on the part of the Chinese government from behind a fake cyber-security firm.

In 2018, the US and fellow Five Eyes countries formally accused Russia for attacks on the US energy grid and other critical infrastructure, election meddling, but also for orchestrating the NotPetya ransomware outbreak.

The US, in turn, has been accused by Iran for creating the Stuxnet virus that destroyed equipment part of Iran's nuclear program.

In-depth coverage of the indictment is available in this article, here.

Previous and related

Cyberwar: Everything you need to know about the frightening future of digital conflict

With the arrival of cyberwarfare, every gadget is a new battleground. Here's everything you need to know.

Inside the early days of North Korea's cyberwar factory

North Korea is a bizarre country that almost seems frozen in time -- a bizarre, frozen-in-time, armed-to-the-teeth, crazy-dangerous country. We take a deep look at the early cyberwar efforts of an increasingly aggressive cyberwar player.

Cyber peacekeeping: A cyberwar issue businesses need to consider now TechRepublic

Enterprise C-level execs might ask soon: What is cyber peacekeeping, and how will it affect our business? Here's what you need to know, including adaptations to some UN peacekeeping doctrines.

Editorial standards