A man allegedly working for North Korean intelligence was indicted by U.S. prosecutors on Thursday for conspiracy to hack computers at NASA and military bases, along with serious ransomware attacks against U.S. health care providers, according to a new report from the Associated Press and a notice from the State Department.
Rim Jong Hyok was indicted by a grand jury in Kansas City, Kansas, and is allegedly associated with the hacking group known as Andariel. The group is part of North Korea’s military intelligence agency known as the Reconnaissance General Bureau, according to the State Department.
“Rim and others conspired to hack into the computer systems of U.S. hospitals and other healthcare providers, install Maui ransomware, and extort ransoms,” the State Department said in an announcement that was posted online.
“The ransomware attacks encrypted victims’ computers and servers used for medical testing or electronic medical records and disrupted healthcare services. These malicious cyber actors then used the ransom payments to fund malicious cyber operations targeting U.S. government entities and U.S. and foreign defense contractors, among others,” the agency continued.
Hyok allegedly participated in the hack of a Kansas City hospital in May 2021 which was hit with the Maui ransomware. Maui, which was first identified by the FBI after the hospital was hit, can lock up electronic health records among a host of other electronic files until a ransom is paid. The hospital paid about $100,00 in Bitcoin, according to the AP.
And the laundering of the crypto is also a factor in the case. Hyok was also indicted for conspiracy to commit money laundering, though the FBI has reportedly been able to seize about $600,000 in stolen funds back from Hyok and his associates.
Aside from hospitals, the State Department describes one intrusion from November 2022, when the hackers allegedly got into an unnamed defense contractor, securing roughly 30 GB of data. The data was reportedly unclassified technical information about “military aircraft and satellites,” and insists the information was “from 2010 or earlier.”
The U.S. government is offering a reward of up to $10 million for information that leads to the identification or location of Hyok as part of the State Department’s Rewards for Justice (RFJ) program.
