US charges North Korean programmer Park Jin-hyok over WannaCry, Sony cyberattacks
Park Jin-hyok was ‘part of the conspiracy’ that masterminded those notorious hacks ‘on behalf of the Government of North Korea or the Workers’ Party of Korea’, say US government agencies
The US charged a North Korean programmer on Thursday with some of the most dramatic global hacking cases of recent years, alleging they were carried out on behalf of the regime in Pyongyang.
The hacks included the WannaCry 2.0 virus, the 2014 Sony Pictures attack, and the 2016 cyber-heist of Bangladesh’s central bank.
The US Justice and Treasury Departments said Park Jin-hyok was “part of the conspiracy” that masterminded those notorious hacks “on behalf of the Government of North Korea or the Workers’ Party of Korea”.
The Justice Department unveiled criminal charges related to the hacking against Park, while the Treasury announced financial sanctions on him and a government-controlled company he worked for, Chosun Expo Joint Venture.
“North Korea has demonstrated a pattern of disruptive and harmful cyber activity that is inconsistent with the growing consensus on what constitutes responsible state behavior in cyberspace,” the Treasury said in a statement.
“Our policy is to hold North Korea accountable and demonstrate to the regime that there is a cost to its provocative and irresponsible actions.” The move came as Washington seeks to get traction in negotiations with Pyongyang over halting its nuclear weapons program.
After an impasse of several weeks, earlier Thursday US President Donald Trump indicated in a tweet that talks were moving forward.
“Kim Jong Un of North Korea proclaims ‘unwavering faith in President Trump.’ Thank you to Chairman Kim. We will get it done together!” Trump exclaimed on Twitter.
Watch: White House says Sony hack was a ‘national security matter’ in 2014
The charges and sanctions singled out Park in some of the most notorious and damaging hacks in recent years, which had already been unofficially pinned on North Korea.
In 2014, US officials charges that unnamed North Korean hackers were responsible for a major cyber intrusion into Sony, which resulted in leaked internal documents and data being destroyed.
The attacks came after Pyongyang sent a letter to the United Nations, demanding that Sony not move forward with the movie The Interview, which portrayed the US-backed assassination of North Korean leader Kim Jong-un.
The hack of the central bank of Bangladesh saw at least US$81 million stolen and transferred between a number of accounts in the Philippines and elsewhere, rendering most of it unrecoverable.
WannaCry 2.0 was ransomware which spread virulently around the world in May 2017, infecting some 300,000 computers in 150 countries.
It encrypted user files and offered to free them in exchange for hundreds of dollars each.
Last December the North Korean government called allegations that it was behind the ransomware “absurd” and a “grave political provocation”.
The Justice Department in recent years has charged hackers from China, Iran and Russia in hopes of publicly shaming other countries for sponsoring cyberattacks on US corporations.
In 2014, for instance, the Obama administration charged five Chinese military hackers with a series of digital break-ins at American companies, and last year, the Justice Department charged Russian hackers with an intrusion at Yahoo.