US charges North Korean for hacks

SONY, WANNACRY::The hacks were part of a ‘vast scheme’ by Pyongyang and conducted by Park Jin-hyok of the ‘Lazarus Group,’ Washington said


Sat, Sep 08, 2018 - Page 5

The US on Thursday charged a North Korean programmer with some of the most dramatic global hacking cases of recent years, alleging that they were carried out on behalf of Pyongyang.

The sabotage included the WannaCry 2.0 virus, the 2014 Sony Pictures attack and the 2016 cyberheist of Bangladesh’s central bank.

Park Jin-hyok was part of a unit known as the “Lazarus Group” that masterminded the notorious hacks “on behalf of the government of North Korea or the Workers’ Party of Korea,” Washington said.

The heavily detailed, 176 page indictment also tied the group to other spear-phishing campaigns, malware attacks and the attempted theft of documents and money from banks in Southeast Asia and Africa.

The attacks were conducted from North Korea, China and other nations, the indictment said.

“This complaint exposes a vast and audacious scheme by the North Korean government to utilize computer intrusions as a means to support the varied goals of their regime,” said Paul Delacourt, of the FBI’s Los Angeles office, which led the probe.

The US Department of Justice charged Park with one count of conspiracy to commit computer fraud and another count of conspiracy to commit wire fraud.

The computer fraud charge carries a maximum of five years in prison, while the wire fraud would spell up to 20 years.

The US Department of the Treasury announced sanctions on Park and a government-controlled company at which he worked for more than a decade: Chosun Expo Joint Venture, also known as Korea Expo Joint Venture.

The firm is tied to a North Korean military intelligence unit called Lab 110, the justice department said.

“North Korea has demonstrated a pattern of disruptive and harmful cyberactivity that is inconsistent with the growing consensus on what constitutes responsible state behavior in cyberspace,” the Treasury said in a statement. “Our policy is to hold North Korea accountable and demonstrate to the regime that there is a cost to its provocative and irresponsible actions.”

Earlier on Thursday, US President Donald Trump indicated in a tweet that talks were moving forward with North Korea.

“Kim Jong-un of North Korea proclaims ‘unwavering faith in President Trump.’ Thank you to Chairman Kim. We will get it done together!” Trump wrote.

US officials say that North Korea undertook the Sony hack in retaliation for the comedy film The Interview about a scheme to assassinate the North Korean leader.

The hack of Bangladesh Bank in February 2016 saw at least US$81 million stolen and transferred between a number of accounts in the Philippines and elsewhere, rendering most of it unrecoverable.

WannaCry 2.0 was “ransomware” — a form of malicious software — which spread virulently around the world in May last year, infecting about 300,000 computers in 150 nations.

It encrypted user files and offered to free them in exchange for hundreds of US dollars each.

The attack most notably locked up the systems of Britain’s National Health Service, causing significant damage.

In December last year, Pyongyang called allegations that it was behind the ransomware “absurd” and a “grave political provocation.”

The justice department said it had linked Park and others to the schemes by tracing e-mail and social media accounts.