Subj : US government launches appeal to take down one of the most notori To : All From : TechnologyDaily Date : Fri Jul 26 2024 15:45:05 US government launches appeal to take down one of the most notorious North Korean hackers around Date: Fri, 26 Jul 2024 14:36:04 +0000 Description: North Korean hacker group that ransomed hospitals to pay for espionage campaigns in on the US and allies radar. FULL STORY ====================================================================== A North Korean hacker who attacked US healthcare organizations with ransomware attacks and then used the financial returns to steal sensitive data from tech and defense companies around the world has been indicted by a grand jury in Kansas City, Kansas. Rim Jong Kyok remains at large in North Korea, with the indictment standing as a demonstration that the US will continue to deploy all the tools at our disposal to disrupt ransomware attacks, hold those responsible to account, and place victims first, according to Deputy Attorney General Lisa Monaco. Todays criminal charges against one of those alleged North Korean operatives demonstrates that we will be relentless against malicious cyber actors targeting our critical infrastructure, Monaco stated. Circumventing sanctions and fueling regime ambitions Court documents show that Rim, along with others he collaborated with, worked for North Koreas Reconnaissance General Bureau. This bureau works as a military intelligence agency that is tracked by cybersecurity firms as Andariel, Onyx Sleet, and APT45. The group used a custom malware developed by North Korea known as Maui to target hospitals and other healthcare providers. Once the ransom was paid, the funds would be laundered through firms based in Hong Kong, converted into Chinese yuan, and then withdrawn from an ATM in the vicinity of the Sino-Korean Friendship Bridge, which connects the borders of Dandong, China, and Sinuiju, North Korea. These funds would then be used to purchase internet infrastructure to be used in the exfiltration of data from military and governmental institutions across the globe, including a further two US Air Force bases, NASA-OIG, and multiple entities in Taiwan, South Korea, and China. Todays indictment underscores our commitment to protecting critical infrastructure from malicious actors and the countries that sponsor them, said U.S. Attorney Kate E. Brubacher for the District of Kansas. Rim Jong Hyok and those in his trade put peoples lives in jeopardy. They imperil timely, effective treatment for patients and cost hospitals billions of dollars a year. The Justice Department will continue to disrupt nation-state actors and ensure that American systems are protected in the District of Kansas and across our nation. The UKs National Cyber Security Center issued a joint warning with its partners in the US and Republic of Korea to warn against North Koreas targeting of critical infrastructure to steal military and nuclear secrets. Paul Chichester, NCSC Director of Operations, said, The global cyber espionage operation that we have exposed today shows the lengths that DPRK state-sponsored actors are willing to go to pursue their military and nuclear programmes. It should remind critical infrastructure operators of the importance of protecting the sensitive information and intellectual property they hold on their systems to prevent theft and misuse. The NCSC, alongside our US and Korean partners, strongly encourage network defenders to follow the guidance set out in this advisory to ensure they have strong protections in place to prevent this malicious activity, Chichester concluded. More from TechRadar Pro These are the best identity theft protection services Russias shadow war against Europe has begun as cyber attacks abusing Microsoft infrastructure increase Protect your network with the best endpoint protection ====================================================================== Link to news story: https://www.techradar.com/pro/us-government-launches-appeal-to-take-down-one-o f-the-most-notorious-north-korean-hackers-around --- Mystic BBS v1.12 A47 (Linux/64) * Origin: tqwNet Technology News (1337:1/100) .