The Atlanta Journal-Constitution
U.S. charges N. Korean spy as part of hack conspiracy
Pattern over 5 years included Sony, malware attacks.
WASHINGTON — A North Korean spy was charged in the hacking of Sony Pictures Entertainment in 2014, the Justice Department announced Thursday, accusing the North of orchestrating a broad conspiracy that caused hundreds of millions of dollars’ worth of economic damage over the past five years in the United States and around the world.
The suspect, Park Jin Hyok, was charged with computer fraud and wire fraud. He was part of attacks on film companies and distributors, including Sony Pictures, financial institutions and defense contractors, law enforcement officials said. He was also accused of being part of the development of the WannaCry 2.0 ransomware attack that infected hundreds of thousands of computers worldwide and crippled the British health care system last year.
Park appeared to work for North Korea’s Reconnaissance General Bureau, the country’s closest equivalent to the CIA, according to U.S. intelligence officials. The same intelligence agency is believed to be behind the WannaCry attack and thefts from the Bangladeshi central bank that reaped tens of millions of dollars for the North.
“The North Korean government, through a state-sponsored group, robbed a central bank and citizens of other nations, retaliated against free speech in order to chill it half a world away, and created disruptive malware that indiscriminately affected victims in more than 150 other countries, causing hundreds of millions, if not billions, of dollars’ worth of damage,” said John C. Demers, the head of the Justice Department’s National Security Division, in a statement.
“These charges will send a message that we will track down malicious actors no matter how or where they hide,” he added.
Park, who also went by the alias Pak Jin Hek, is unlikely to ever see the inside of a U.S. courtroom. The United States has no direct, formal relations with North Korea and did not communicate with its reclusive government ahead of the charges.
Hours before the Justice Department was set to act, President Donald Trump seemed to praise North Korean leader Kim Jong Un, saying on Twitter that he “proclaims ‘unwavering faith in President Trump.’ Thank you to Chairman Kim. We will get it done together.”
It was unclear whether Trump knew about the forthcoming charges. Asked whether the White House was briefed on the complaint before it was released, a Justice Department official would only say that it was standard practice to brief relevant parts of the executive branch.
Also Thursday, the Treasury Department announced that it had added Park’s name to its sanctions list, which means that no bank or other financial institution that does business in the United States can also do business with or provide accounts to Park or Chosun Expo Joint Venture, also known as KEJV.
“We will not allow North Korea to undermine global cybersecurity to advance its interests and generate illicit revenues in violation of our sanctions,” said Treasury Secretary Steven Mnuchin.
The sanctions are unlikely to have much effect on Park and are a less powerful tool than criminal charges in ensuring that Park cannot travel far outside of North Korea.
In its 179-page complaint, the government mapped out a yearslong, complex scheme to undermine institutions around the world and steal millions of dollars.
The November 2014 hack shocked Sony Pictures’ 7,000 employees, who were greeted with macabre images of studio chief Michael Lynton’s severed head when they turned on their computers. Sony shut down all of its computer systems, including those in overseas offices, leaving the company without voicemail, email or production systems, essentially crippling operations.
The crime underscored how vulnerable the United States had become to cyber criminals and how malicious actors living far away could cripple U.S. corporations. Hackers would soon infiltrate the Office of Personnel Management, the White House email system and the IRS.