US charges North Korean hacker with WannaCry and Sony hack

A North Korean programmer is accused of conducting cyber attacks on behalf of the government


The US Department of Justice has formally charged a North Korean government hacker with a series of major cyber attacks, including the Sony Pictures hack, the theft of $81 million from the Bangladesh Bank and the WannaCry ransomware.

The charges have been filed against North Korean programmer Park Jin Hyok, who the US claims was working as part of a North Korean government-backed hacking operation known commonly as Lazarus Group.

Park, who was educated at a North Korean university, spent a number of years employed by Chosun Expo Joint Venture, a company that is used as a front by the North Korean government and is allegedly used to fund a government cyber espionage division known as 'Lab 110'.


Through an elaborate network of dummy email addresses and social media accounts, network infrastructure paths and IP addresses, investigators say they have managed to link Park and a number of unnamed co-conspirators to key hacks - most notably, the WannaCry ransomware that temporarily crippled the NHS and caused global chaos.

Park and his colleagues were also linked to the 2014 attack on Sony Pictures, which saw caches of internal emails - as well as whole unreleased films - leaked online in retaliation for the release of Seth Rogen and James Franco's film The Interview, which mocks North Korean 'Supreme Leader' Kim Jong Un.


"The scope and damage of the computer intrusions perpetrated [by Park and his allies] is virtually unparalleled," said FBI Special Agent Nathan Shields as part of a sworn affidavit. "The attacks and intrusions described...would have each required the efforts of a well-resourced team of persons working in concert, each performing different tasks.


"The technical evidence... shows that those attacks and intrusions were carried out by a group of persons with access to the same email and social media accounts, computer infrastructure, and source code. Tracing connections back through the operational infrastructure reveals numerous connections between Park, his true-name email and social media accounts and the operational accounts used to conduct the cyber attacks."

While both the UK and the US have publicly blamed North Korea for unleashing WannaCry, this marks the first time that the US government has formally charged an operative of the Democratic People's Republic of Korea for hacking. It follows similar charges which have been levelled at Russian, Iranian and Chinese hackers over the last few years.

While it has no bearing on his own legal battle, the news has been greeted warmly by British malware researcher Marcus Hutchins. Hutchins was the one who discovered the 'kill-switch' that was built into WannaCry, effectively halting the malware's devastating spread.

Although the US government has not charged Hutchins with any involvement in the creation of WannaCry, the allegations that he was involved with the Kronos banking Trojan have led some to accuse him of being part of WannaCry as well.

"Law enforcement agencies and government officials around the world are challenged by the internet's invisible borders and its nameless perpetrators when it comes to pursuing or charging cybercriminals," said SonicWall CEO Bill Conner.

"While almost four years have passed since the communications giant sent notifications of its attacks, the U.S. Justice Department's actions are commendable and should serve as a reminder for consumers and organizations alike to remain vigilant."
