US charges three North Koreans for Sony Pictures, WannaCry attacks

The men are said to have been responsible for a $1.3 billion hacking spree

North Korea hacker in the dark with the country's flag in the background

The US Department of Justice (DoJ) has charged three North Korean computer programmers with hacking offences related to a number of high profile data breaches, including an attack on Sony Pictures in 2014.

The men have been accused of attempting to steal more than $1.3 billion in money and cryptocurrency from a number of businesses around the world, according to Reuters.

The charge alleges that Jon Chang Hyok, Kim Il, and Park Jin Hyok conducted a series of attacks while working for North Korea's military intelligence agency. The attack on Sony Pictures Entertainment in 2014 was thought to have been retaliation for the launch of the 'The Interview', a US action comedy film depicting the assassination of North Korean leader Kim Jong-un.

In the aftermath of that attack, security experts from companies including Kaspersky, Trend Micro, and Carbon Black conducted an operation to disrupt the Lazarus group, which was believed to be responsible. The three men were not directly linked to the group in the indictment, however.

Similarly, the three men are also accused of targeting staff at AMC Theatres in the UK and breaking into computers that belonged to the Mammoth Screen production company. The firm was working on a drama series about North Korea, which is also thought to be the reason for the attack.

Related Resource

Cost of a data breach report 2020

Find out what factors help mitigate breach costs

cost of a data breach report 2020 - whitepaper from IBMDownload now

Park already has a 2018 indictment against his name, according to the DOJ, and the three are also thought to have been involved in the creation of WannaCry 2.0. The ransomware attack crippled a number of other organisation across Europe in 2017, most notably the NHS, which had to cancel around 19,000 appointments and lost around £92 million as a result.

The men have also been blamed for attacks on banks in Asia, Mexico, and Africa with the deployment of malicious applications that exploit SWIFT programming protocols. The three are alleged to have stolen $81 million from a single attack in Bangladesh, according to the indictment.

"North Korea's operatives, using keyboards rather than guns, stealing digital wallets of cryptocurrency instead of sacks of cash, are the world's leading 21st-century nation-state bank robbers," US assistant attorney general John Demers said according to Reuters.

The three men are thought to be currently in North Korea, but officials also believe they have spent periods of time in other countries, such as China and Russia.

Featured Resources

BCDR buyer's guide for MSPs

How to choose a business continuity and disaster recovery solution

Download now

The definitive guide to IT security

Protecting your MSP and your customers

Download now

Cost of a data breach report 2020

Find out what factors help mitigate breach costs

Download now

The complete guide to changing your phone system provider

Optimise your phone system for better business results

Download now

Recommended

TsuNAME vulnerability could enable DDoS attacks on major DNS servers
distributed denial of service (DDOS)

TsuNAME vulnerability could enable DDoS attacks on major DNS servers

7 May 2021
Security researchers take control of a Tesla via drone
ethical hacking

Security researchers take control of a Tesla via drone

5 May 2021
New report highlights the need for diversity in cyber security recruitment
cyber security

New report highlights the need for diversity in cyber security recruitment

28 Apr 2021
Hackers could abuse legitimate Windows AD FS to steal data
Microsoft Windows

Hackers could abuse legitimate Windows AD FS to steal data

28 Apr 2021

Most Popular

KPMG offers staff 'four-day fortnight' in hybrid work plans
flexible working

KPMG offers staff 'four-day fortnight' in hybrid work plans

6 May 2021
Dell patches vulnerability affecting hundreds of computer models worldwide
cyber security

Dell patches vulnerability affecting hundreds of computer models worldwide

5 May 2021
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

29 Apr 2021