US prosecutors have charged a North Korean man alleged to have been involved in creating the malicious WannaCry software used to cripple the NHS and other organisation worldwide.
The incident which took place in May 2017 left UK NHS staff reverting to pen and paper after being locked out of computer systems.
The man who has been charged is Park Jin Hyok who is said to be linked to the Lazarus Group. This hacking collective is also blamed for the hack on Sony Pictures in 2014.
Park attended the Kim Chaek University of Technology in Pyongyang, North Korea. He is a North Korean citizen last known to be in North Korea. Park has traveled to China in the past and conducted legitimate IT work under the front company “Chosun Expo” or the Korean Expo Joint Venture in addition to activities conducted on behalf of North Korea’s Reconnaissance General Bureau.
Park Jin Hyok is allegedly a North Korean computer programmer who is part of a state-sponsored hacking organization responsible for some of the costliest computer intrusions in history, including the cyber attack on Sony Pictures Entertainment, a series of attacks targeting banks across the world that collectively attempted to steal more than one billion dollars, and the WannaCry ransomware attack that affected tens of thousands of computer systems across the globe.
Park was alleged to be a participant in a wide-ranging criminal conspiracy undertaken by a group of hackers employed by a company that was operated by the North Korean government. The front company – Chosun Expo Joint Venture, also known as Korea Expo Joint Venture – was affiliated with Lab 110, one of the North Korean government’s hacking organizations. That hacking group is what some private cybersecurity researchers have labeled the “Lazarus Group.” On June 8, 2018, a federal arrest warrant was issued for Park Jin Hyok in the United States District Court, Central District of California, after he was charged with one count of conspiracy to commit wire fraud and one count of conspiracy to commit computer-related fraud (computer intrusion).
North Korea routinely denies being involved in any hack attacks attributed to them.
FBI wanted poster for Park Jin Hyok – https://www.fbi.gov/wanted/cyber/park-jin-hyok/@@download.pdf
Full US prosecutors document – https://www.justice.gov/usao-cdca/press-release/file/1091951/download
Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.