A man named Rim Jong Hyok, who is believed to have worked for North Korea’s military intelligence agency, has been charged with participating in a plot to hack American healthcare providers, according to federal prosecutors in Kansas City, Kansas. This conspiracy involved laundering ransom money and using it to finance cyber attacks on defense, technology, and government organizations worldwide. The attacks on US hospitals and healthcare providers caused disruptions in patient care, officials reported.
Stephen A. Cyrus, an FBI agent in Kansas City, emphasized that North Korea’s cyber crimes, which aim to evade international sanctions and support political and military goals, have a direct impact on the people of Kansas. Rim Jong Hyok has not yet been assigned a lawyer, according to online court records.
The US Justice Department disclosed that a Kansas hospital fell victim to a cyber attack in May 2021, during which hackers encrypted the medical center’s files and servers. The hospital paid a ransom of approximately $100,000 in Bitcoin to recover its data. In addition, the department was able to retrieve the ransom payment made by a Colorado healthcare provider affected by the same ransomware variant known as Maui.
In recent years, the Justice Department has initiated numerous criminal cases linked to North Korean hacking activities, often citing a profit-driven motive that sets them apart from hackers in Russia and China. For instance, in 2021, three North Korean computer programmers were charged in connection with various global cyber attacks, including a destructive assault on an American movie studio and an attempted theft and extortion scheme involving over $1.3 billion from financial institutions and businesses.
Investigators have indicated that Rim Jong Hyok was associated with the Andariel Unit within North Korea’s Reconnaissance General Bureau, a military intelligence agency. Hyok allegedly colluded to utilize ransomware software for cyberespionage attacks on American hospitals, as well as government and technology entities in South Korea and China.
The use of ransomware attacks by North Korea to fund its political and military activities is a serious concern with far-reaching consequences. The impact of these cyber crimes extends beyond financial losses to include disruptions in critical healthcare services and other essential sectors, highlighting the urgent need for enhanced cybersecurity measures and international cooperation to combat such threats.
