A grand jury in Kansas City has charged North Korean national Rim Jong Hyok for orchestrating a series of cyberattacks targeting U.S. hospitals and healthcare providers.
The indictment outlines a conspiracy involving ransomware attacks, extortion, and money laundering. The ill-gotten gains funded further intrusions into defense, technology, and government entities worldwide.
A Relentless Pursuit of Justice
The Justice Department’s Deputy Attorney General, Lisa Monaco, emphasized the gravity of the charges and the relentless pursuit of justice.
“Two years ago, the Justice Department disrupted the North Korean group using Maui ransomware to hold hostage U.S. hospitals and healthcare providers,” Monaco stated.
“Today’s criminal charges against one of those alleged North Korean operatives demonstrate our unwavering commitment to combating malicious cyber actors targeting our critical infrastructure.”
The indictment reveals that Rim Jong Hyok and his co-conspirators, operating under North Korea’s Reconnaissance General Bureau (RGB), deployed the custom-developed Maui ransomware to encrypt the electronic files of targeted healthcare providers.
The attackers then demanded ransom payments in cryptocurrency, which were subsequently laundered through China-based facilitators.
Join our free webinar to learn about combating slow DDoS attacks, a major threat today.
Impact on U.S. Healthcare and Beyond
The ramifications of these cyberattacks were profound, with hospitals unable to provide full and timely care to patients.
Deputy Director Paul Abbate of the FBI highlighted the dire consequences, stating, “These unacceptable and unlawful actions placed innocent lives at risk. The FBI and our partners will leverage every tool available to neutralize criminal actors and protect American citizens.”
Assistant Attorney General Matthew G. Olsen of the Justice Department’s National Security Division underscored the broader impact of these attacks.
“North Korean hackers developed custom tools to target and extort U.S. healthcare providers and used their ill-gotten gains to fund a spree of hacks into government, technology, and defense entities worldwide,” Olsen said.
The indictment, recent seizures, and other actions demonstrate the Department’s resolve to hold these malicious actors accountable and help victims recover their losses.
A Coordinated Response
The indictment and subsequent actions represent a coordinated effort involving multiple agencies and international partners.
U.S. Attorney Kate E. Brubacher for the District of Kansas remarked, “Today’s indictment underscores our commitment to protecting critical infrastructure from malicious actors and the countries that sponsor them.”
The Air Force Office of Special Investigations (OSI) played a crucial role in the investigation. Brigadier General Amy S. Bumgarner, OSI Commander, affirmed their dedication to rooting out malicious actors.
Bumgarner noted that “Multiple OSI units, including one of our newly established National Security Detachments, provided support to this investigation.”
The FBI continues to investigate Andariel’s hacking and money laundering activities in collaboration with the Department of Defense Cyber Crime Center and NASA-OIG.
The Department of State has also announced a reward of up to $10 million for information leading to Rim Jong Hyok’s location or identification. Rim Jong Hyok’s indictment marks a significant step in the global effort to combat cybercrime and protect critical infrastructure.
As Deputy Attorney General Lisa Monaco stated, “We will continue to deploy all the tools at our disposal to disrupt ransomware attacks, hold those responsible to account, and place victims first.”
The Justice Department’s actions send a clear message that cyber actors, regardless of their location, will face severe consequences for their malicious activities.
Protect Your Business Emails From Spoofing, Phishing & BEC with AI-Powered Security | Free Demo