US authorities offer a $10 million reward for information leading to the capture of a North Korean hacker responsible for crippling healthcare systems and compromising national security.
 |
| A North Korean intelligence operative is accused of leading a hacking group that targeted US hospitals, demanding ransom payments, and stealing classified information. This cybercrime ring operated and the government's response. FBI disclosed Rim Jong Hyok's photo |
Kansas City, Missouri, July 26, 2024:
A North Korean intelligence operative has been indicted for orchestrating ransomware attacks targeting US healthcare providers. Rim Jong Hyok, a member of the Andariel hacking group under the control of North Korea's Reconnaissance General Bureau, is accused of infiltrating multiple systems and demanding hefty ransoms.
The State Department has placed a $10 million bounty on Rim for information leading to his capture or that of any foreign operative involved in similar cyberattacks on US critical infrastructure.
The indictment stems from a 2021 attack on a Kansas medical center, where hackers blocked access to patient records and medical equipment. This modus operandi is typical of the Andariel group, which employs the Maui ransomware to cripple systems and extort victims. The group is believed to use the proceeds to fund further cyber operations.
Federal agencies issued a joint cybersecurity warning in 2022, highlighting the group's targeting of healthcare organizations due to their perceived willingness to pay ransoms. Investigators tracked a ransom payment from a Kansas hospital to a North Korean bank account through blockchain analysis.
Andariel's activities extend beyond the healthcare sector. The group is accused of compromising 17 entities across 11 states, including defense contractors, military bases, and NASA, stealing sensitive data in the process.
The indictment marks a significant step in the US government's efforts to combat cyber threats emanating from North Korea.