UPDATED throughout with more details: Nearly four years after it jolted Hollywood and threw a wrench into international relations, the Sony hack is once again taking center stage. The Department of Justice today unsealed a criminal complaint against a North Korean computer programmer who conducted sophisticated cyber attacks around the world that crippled computer hardware and resulted in extensive loss of data and money.
The complaint, filed on June 8, alleges that Park Jin Hyok was a member of a hacking team sponsored by the Democratic People’s Republic of Korea. This group of cyber criminals, known to security experts as the Lazarus Group, was responsible for the devastating cyber assault on Sony Pictures in retaliation for the movie The Interview, which lampooned the North Korean leader, Kim Jong Un.
The Lazarus Group also targeted AMC Theatres and unidentified British production company, which was working on a fictional production about North Korea, in cyber assaults that FBI sources characterized as nothing short of an assault on free speech.
The FBI’s investigation, which involved interviews with more than 200 people, and amassed more than 600 pieces of evidence, managed to identify Park, who allegedly worked for a North Korean government front company, Chosun Expo Joint Venture, to support the government’s malicious cyber activities. This front company, which is also known as the Korea Expo Joint Venture, has ties to Lab 110, a component of DPRK military intelligence.
The Lazarus Group’s malicious activities extended to attempted cyberheists on financial institutions around the world, seeking to loot $1 billion, according to the complaint.
The group pilfered $81 million from Bangladesh Bank through a spear-phishing attack that allowed it to infiltrate the bank’s computer terminals. The group used this inside access to connect with the Society for Worldwide Interbank Financial Telecommunication communication system and direct the Federal Reserve Bank of New York to transfer funds from Bangladesh to accounts in other Asian countries.
Park and other North Korean cyber criminals also are behind the crippling WannaCry ransomware worm that spread rapidly through across a number of computer networks, infecting some 200,000 computers with malware and demanding payment in bitcoin. Among the targets was Britain’s National Health Service.
“This complaint exposes a vast and audacious scheme by the North Korean government to utilize computer intrusions as a means to support the varied goals of their regime,” said Paul Delacourt, the Assistant Director in Charge of the FBI’s Los Angeles Field Office, in a prepared statement. “From computer network attacks on private entertainment companies and financial institutions, to the development of malware which crippled thousands of victims’ computer systems, North Korean cyber aggressions were pursued – and revealed – thanks to the thorough technical and collaborative work of Los Angeles-based FBI agents, computer scientists, federal prosecutors and intelligence analysts.”
Federal investigators say Park is still at large, and believed to be in North Korea (which has no extradition agreement to surrender criminals to the U.S.)
Officials will lay out a case showing a far-reaching scheme perpetrated by the isolated nation, a stance that is starkly different from the warm-and-fuzzy view of the ruthless regime expressed recently by President Donald Trump.
Just this morning, Trump tweeted, “Kim Jong Un of North Korea proclaims ‘unwavering faith in President Trump.’ Thank you Chairman Kim. We will get it done together!”
The U.S. has long maintained that North Korea was responsible for the cyberattack, which resulted in the disclosure of tens of thousands of leaked emails and other materials. The Seth Rogen comedy The Interview, a spoof centered on North Korea with a plot about the effort to assassinate Kim, wound up being put online by hackers on the eve of its release.
Sony wound up canceling the theatrical release after threats were made to theaters. The studio eventually posted it on YouTube, a remarkable turn of events for a major wide release in a time before Netflix streaming Will Smith and Michael Bay movies.
Sony eventually settled a class-action suit by employees over leaked information, agreeing to pay $8 million.
The DOJ has charged hackers in China, Iran and Russia aiming to dissuade foreign powers from accommodating those who would attack U.S. corporations. That mission is a close cousin to one of the week’s hot topics, social media’s role in such attacks. Facebook’s Sheryl Sandburg and Twitter’s Jack Dorsey testified before the Senate Intelligence Committee yesterday, conceding that they have work to do on many fronts, including security, transparency and fraud.