DOJ charges North Korean national in Sony, WannaCry attacks

The Department of Justice (DOJ) announced Thursday that it was charging a North Korean programmer in the 2014 Sony hack, last year’s “WannaCry” malware attack and a 2016 theft from the Bangladesh Bank.

The lengthy 177 page complaint, detailed to reporters on Thursday, alleges that Park Jin Hyok was working on behalf of the North Korean government in carrying out the attacks.

{mosads}Park is also linked to the Lazarus Group, which was also tied to the Bangladesh Bank and WannaCry actions.

Park is charged with several crimes, including hacking charges, conspiracy and conspiracy to commit wire fraud.

Assistant Attorney General for National Security John Demers described the probe as one of the lengthiest and thorough cyber investigations in the division’s history.

“These activities run afoul of norms of acceptable safe behavior in cyberspace and the international community must address them when we can,” Demers said, adding that the charges “reflect the department’s determination and ability to follow the facts and the law and to hold individuals and nations accountable for their crimes.”

Officials state in the complaint that Park was working for a front company named the Korean Expo Joint Venture, which worked on behalf of North Korean intelligence and was charged with generating revenue for the military branch.

A senior DOJ official said that while no other individuals are named in the complaint, Park allegedly worked with others in carrying out the attacks.

The complaint also alleges that Park was in China in 2014, but returned to North Korea shortly before the Sony attack.

Park is also charged with being involved in numerous other attacks, including an alleged targeting of South Korean figures and Lockheed Martin, which officials noted runs a missile defense system in South Korea.

Sen. Mark Warner (Va.), the top Democrat on the Senate Intelligence Committee, said in a statement that the complaint is “an important step in making clear to our adversaries that these kinds of criminal activities are unacceptable.” 

“It also points to the need for a clearly thought-out and articulated strategy for deterring and punishing state-sponsored cyberattacks,” he said.

The House on Wednesday passed legislation that would name and sanction hackers who help execute nation-state-sponsored cyberattacks. A companion bill was referred to the Senate Foreign Relations Committee late last month.

The Treasury Department also announced Thursday that it would impose sanctions against Park and the Korean Expo Joint Venture.

“We will not allow North Korea to undermine global cybersecurity to advance its interests and generate illicit revenues in violation of our sanctions,” Treasury Secretary Steven Mnuchin said in a statement.  “The United States is committed to holding the regime accountable for its cyberattacks and other crimes and destabilizing activities.”

The charges were brought against Park as the Trump administration seeks to improve relations with North Korea. Trump met with leader Kim Jong Un earlier this year and has sought to secure a full commitment from the country to denuclearize the Korean Peninsula.

Former President Obama had ordered sanctions against North Korea over the Sony attack. North Korean hackers stole and released confidential information and emails in the hack, and infamously pressured the studio to pull the theatrical release of the satirical movie “The Interview,” which depicted the eventual assassination of a North Korean leader.

The Trump White House also announced last year that it believed North Korea was behind for the WannaCry attack, which spread rapidly through hundreds of thousands of computers in more than 150 countries last May.

North Korea has denied the allegations.

Then-White House cybersecurity czar Tom Bossert said during a press conference in December that the U.S. agreed with several other countries’ assessments that North Korea was responsible for WannaCry. Bossert left the White House earlier this year after national security adviser John Bolton joined the Trump administration.

“I hope they stop acting badly online,” Bossert said in December. “If they don’t, this president will act on behalf of the United States.”

— Updated 1:42 p.m.

Read Park Jin Hyok Complaint by kballuck1 on Scribd