North Korean military intelligence operative Rim Jong Hyok has been indicted for hacking into US health care providers, NASA, US military bases, and international entities, to steal sensitive information and install ransomware, AP News reports.
Rim, associated with North Korea’s Andariel Unit, is accused of targeting 17 entities across 11 US states, including NASA, US military bases, and various defense and energy companies in China, Taiwan, and South Korea. The indictment details that Rim and his team accessed NASA’s computer systems for over three months, stealing over 17 gigabytes of data, they also targeted defense companies and military bases across the US.
The attacks disrupted hospital operations, including a May 2021 ransomware incident that encrypted files and demanded a Bitcoin ransom worth $100,000. Federal investigators traced the ransom payments through blockchain transactions to a Chinese bank, before being converted into Chinese currency and accessed from an ATM near the Sino-Korean Friendship Bridge. FBI later seized approximately $500,000 in ransom payments from the money laundering accounts in 2022.
The indictment, while unlikely to lead to Rim’s arrest, may impose sanctions that could limit North Korea’s ability to conduct ransomware operations. Analysts suggest this could lead to North Korea focusing more on cryptocurrency theft.
