A grand jury in Kansas City has indicted North Korean spy Rim Jong Hyuk for allegedly using ransomware to attack the systems of health care providers in the United States, according to AP News. The State Department said Rim was part of a group called Andariel, controlled by the North Korean intelligence agency, the General Intelligence Bureau. Rim is not under the control of the US government. The agency is now offering a $10 million reward for information on the location of Rim or of a foreign operative “engaged in certain malicious cyber activity against US critical infrastructure.”
A Kansas medical center notified the FBI of a 2021 attack that prevented employees from accessing patient files and lab test results, and from controlling hospital equipment from their computers. The group infiltrates a target's computer system and infects it with Maui ransomware. It then demands payment from the target and threatens to release sensitive information if the target does not pay. In the Kansas hospital case, the group demanded a ransom of $100,000 worth of Bitcoin within 48 hours. The group allegedly used the money it raised to buy more computers and servers to fund more cyber attacks.
The FBI, the Cybersecurity and Infrastructure Security Agency (CISA), and the Treasury Department issued a joint cybersecurity warning in 2022, in the midst of Andariel’s attacks on health care providers. “North Korean state-sponsored cyber actors likely assume that healthcare organizations are willing to pay ransom because these organizations provide services that are critical to human life and health,” they said. Federal investigators said they tracked the ransom paid by a Kansas medical center through the blockchain and discovered that the Bitcoin had been transferred to an address belonging to two Hong Kong nationals. According to court documents seen by AP, the money was then transferred to a Chinese bank and withdrawn from an ATM in China near the Sino-Korea Friendship Bridge, which connects the country to North Korea.
Andariel and Rim are accused of hacking 17 agencies in 11 states, including four defense contractors, two US Air Force bases and NASA. The group was reportedly able to stay inside NASA’s computer system for three months and steal 17 gigabytes of classified information. During one operation targeting a US defense contractor in November 2022, the State Department said the group was able to extract more than 30 gigabytes of data, including information on material used in US military aircraft and satellites.