North Korean chap charged for attacks on US hospitals, military, NASA – and even China
The US Department of Justice on Thursday charged a North Korean national over a series of ransomware attacks on stateside hospitals and healthcare providers, US defense companies, NASA, and even a Chinese target.
An indictment [PDF] named Rim Jong Hyok as a participant in "a conspiracy to hack and extort US hospitals and other health care providers, launder the ransom proceeds, and then use these proceeds to fund additional computer intrusions into defense, technology, and government entities worldwide."
The indictment mentions a pair of South Korean defense companies as targets, as well as a South Korean manufacturer.
Even a Chinese energy company became a target - an oddity, given North Korea depends on the People's Republic for patronage and resources.
"Onyx Sleet's ability to develop a spectrum of tools to launch its tried-and-true attack chain makes it a persistent threat, particularly to targets of interest to North Korean intelligence, like organizations in the defense, engineering, and energy sectors," in Microsoft's estimation.
"APT45 and activity clusters suspected of being linked to the group are strongly associated with a distinct genealogy of malware families separate from peer North Korean operators like TEMP.Hermit and APT43," Mandiant asserted, before noting that the group is North Korea's most frequently-observed targeter of critical infrastructure.
News URL
https://go.theregister.com/feed/www.theregister.com/2024/07/26/andariel_indictment_north_korea/