Wanted! North Korean Hackers Attack America Using Ransomware
Morrissey Technology – A court in Kansas City, United States found guilty Rim Jong Hyok, a North Korean intelligence agent who used ransomware to attack health care providers in America. According to the American Ministry of Foreign Affairs, Rim is part of a syndicate called Andariel, which is managed by the North Korean intelligence agency, or Reconnaissance General Bureau. Even though he has been found guilty, Rim has not been arrested by the American government. In fact, they are offering a reward of USD 10 million for people who can provide location information from Rim, a foreign intelligence agency that carried out cyber attacks on critical American infrastructure.
The victim of the ransomware spread by Andariel was a hospital in Kansas. In their report to the FBI, they said there was a cyber attack in 2021 that blocked access to patient data and lab results. This attack also made the hospital’s computer network unusable. Andariel’s modus operandi has often been used. Namely infiltrating Maui ransomware into the victim’s computer system. Then they demanded a ransom with the threat of releasing confidential information if the ransom was not paid.
In the case of this Kansas hospital, the ransom requested was USD 100 thousand in bitcoin, which had to be paid within 48 hours. The ransom money was allegedly used to buy computers and servers which were later used to carry out other cyber attacks. The ransom was eventually paid, but the flow of the money could be traced until they discovered that someone had transferred the bitcoins to an address belonging to two Hong Kong citizens.
Court documents state that the money was then transferred to a bank in China and withdrawn using an ATM located on the Sino-Korean Friendship Bridge, which connects China with North Korea. Andariel and Rim were found guilty of infiltrating networks belonging to 17 entities spread across 11 states. Four of them are defense contractors, two are American Air Force bases, and NASA.
Andariel is even said to have hidden in NASA’s computer network for three months and managed to steal 17GB of confidential data. Meanwhile, from an American defense contractor, they succeeded in stealing 30GB of confidential data. The FBI, Cybersecurity and Infrastructure Security Agency (CISA), and the US Treasury have issued warnings regarding Andariel’s cyber attacks on health institutions in 2022.
“North Korean cybercriminals may assume that organizations providing health services will be willing to pay ransoms,” the three agencies wrote in a statement.
https://cheapstockbroker.com/opac/for4d/