North Korean hacker accused of hospital ransomware attacks

A man reportedly affiliated with North Korean military intelligence has been allegedly participating in a scheme to hack into U.S. healthcare systems.

Rim Jong Hyok is allegedly a part of a hacker group known as Andariel, believed to be controlled by the Democratic People's Republic of Korea military intelligence agency, the Reconnaissance General Bureau. 

According to a July 25 news release from the State Department, Mr. Hyok stands accused of plotting to infiltrate U.S. hospital computer systems and other healthcare providers by deploying Maui ransomware to demand ransoms.

"The ransomware attacks encrypted victims' computers and servers used for medical testing or electronic medical records and disrupted healthcare services," the release reads. "These malicious cyber actors then used the ransom payments to fund malicious cyber operations targeting U.S. government entities and U.S. and foreign defense contractors, among others."

U.S. law enforcement investigators have reported that Andariel hackers targeted five healthcare providers, four defense contractors based in the U.S., two U.S. Air Force bases and NASA's Office of Inspector General.

A $10 million reward has been announced for information leading to the identification or location of individuals acting under the direction or control of a foreign government who engage in malicious cyber activities targeting U.S. critical infrastructure, in violation of the Computer Fraud and Abuse Act.

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.

 

Featured Whitepapers

Featured Webinars