The U.S. State Department has offered a $10 million reward for information about a North Korean computer hacker accused of helping to seize control of medical records held by American healthcare providers to extort ransom money for use by Pyongyang.
In a statement released Thursday, the State Department's Rewards for Justice program said it would provide "up to $10 million" for any information that leads to "the identification or location" of Rim Jong Hyok, who it says is associated with the hacker group Andariel.
Andariel is part of Pyongyang’s military intelligence agency, the Reconnaissance General Bureau, the statement says, noting that the bureau runs North Korea’s “malicious cyber activities” and is involved in arms trafficking.
“Rim and others conspired to hack into the computer systems of U.S. hospitals and other healthcare providers, install Maui ransomware, and extort ransoms,” it says, explaining that the ransomware attacks had encrypted medical records used by American hospitals.
“These malicious cyber actors then used the ransom payments to fund malicious cyber operations targeting U.S. government entities and U.S. and foreign defense contractors, among others,” it adds.
Five healthcare providers, four defense contractors, two Air Force bases and even NASA were targeted, it says. The group allegedly seized 30 gigabytes of data from one defense contractor, including unclassified technical details about military aircraft and satellites.
A senior FBI official, who spoke with reporters on condition of anonymity to discuss the case, said it demonstrated how Pyongyang’s cyber-espionage efforts directly financed the regime’s efforts to “further their larger military and nuclear-program objectives.”
“Without the ability to conduct these ransomware operations and receive payments, other cyber operations conducted by DPRK would be difficult,” he said, using an acronym for the North Korean regime.
The State Department said that its Rewards for Justice program had paid out more than $250 million in rewards to “more than 125 people” worldwide since it was introduced four decades ago.