North Korean Military Computer Programmers Charged In Sony Hack, WannaCry Attack That Crippled Computers Worldwide
LOS ANGELES (CBSLA) — Federal prosecutors in Los Angeles unsealed an indictment Wednesday against three North Korean computer programmers who they say were behind several, wide-ranging cyber crimes, including the cyberattack on Sony Pictures Entertainment in 2014.
The indictment identifies Jon Chang Hyok, 31; Kim Il, 27; and Park Jin Hyok, 36; as members of the Reconnaissance General Bureau, or RGB, a military intelligence agency of the Democratic People's Republic of Korea. Park was previously charged in a 2018 criminal complaint.
Each of the hackers have been charged with one count of conspiracy to commit computer fraud and abuse. A Canadian man has also pleaded guilty to conspiracy to laundering funds for the hackers in several of the schemes outlined by federal prosecutors.
"The scope of the criminal conduct by the North Korean hackers was extensive and long-running, and the range of crimes they have committed is staggering," Acting U.S. Attorney Tracy L. Wilkison said in a statement.
The three hackers are accused of being behind several criminal cyber schemes that wreaked havoc in the United States and abroad, including cyberattacks on Sony Pictures Entertainment in 2014 in retaliation for releasing "The Interview," which portrayed a fictional assassination of North Korea's leader; AMC Theatres, which was showing the film, and a 2015 intrusion into the computers of Mammoth Screen, which was producing a fictional TV show about a British nuclear scientist taken prisoner in North Korea.
The indictment also alleges they were behind the WannaCry ransomware that hobbled computers worldwide in 2017; cyber heists between 2015 and 2019 from banks in Vietnam, Bangladesh, Taiwan, Mexico, Malta and Africa; ATM cash-out schemes, including one that stole $6.1 million from BankIslami Pakistan Limited in 2018; developing malicious cryptocurrency in order to get a backdoor into investors' computers; and multiple spear-phishing campaigns from March 2016 through this month that targeted employees of U.S. defense contractors, energy companies, aerospace companies, technology companies, and federal agencies with security clearance.
