Most Wanted - North Korean Hackers 

The US, South Korea and Britain have accused a North Korea-backed cyber group of carrying out an online espionage campaign to steal military and nuclear secrets. The Andariel group has been compromising organisations around the globe as it attempts to steal highly classified technical information and intellectual property data, according to the British National Cyber Security Centre (NCSC).

Andariel's campaigns are carried out to "further the regime's military and nuclear ambitions". Now, the US has placed a $10 million bounty on a North Korean citizen connected with Andariel. He is accused of attacking health care systems with ransomware as well as hacking NASA and the US Air Force.

The NCSC, along with the FBI in the US and South Korea's national intelligence service, have issued a joint warning and advisory note about Andariel's actions. 

They have urged critical infrastructure organisations to "stay vigilant" against such cyber operations. “The US Department of State’s Rewards for Justice program, administered by the Diplomatic Security Service, is offering a reward of up to $10 million for information leading to the identification or location of any person who, while acting at the direction or under the control of a foreign government, engages in certain malicious cyber activities against US critical infrastructure in violation of the Computer Fraud and Abuse Act,” says the US Dept of State.

Andariel focuses on targeting defence contractors, military organisations and governments for espionage.
Over time, the group has branched out into other sectors, targeting information on nuclear weapons and, particularly during the pandemic, organisations in the life sciences and pharmaceutical sector, according to research by cyber security company Secureworks.

The reward is for information that could lead to the identification or location of Rim Jong Hyok, who is “associated with a malicious cyber group known as Andariel,” the US State Department says.

The FBI also issued a wanted notice for Rim the same day after a US court in Kansas issued a federal warrant for his arrest on July 24 on charges of conspiracy to commit computer hacking and conspiracy to commit promotion money laundering.

Rim is a member of the Andariel Unit that acts on behalf of North Korea’s military intelligence agency, the Reconnaissance General Bureau, the FBI notice says.

According to NCSC director of operations Paul Chichester, "The global cyber espionage operation that we have exposed today shows the lengths that North Korean state-sponsored actors are willing to go to pursue their military and nuclear programmes."

Andariel is understood to be a unit of the North Korean military's Reconnaissance General Bureau (RGB) 3rd bureau, and the group's malicious cyber activities pose an ongoing threat to critical infrastructure organisations globally, according to the NCSC.

The group has primarily targeted defence, aerospace, nuclear and engineering organisations, but also acted against the medical and energy sectors. In particular, Andariel has attempted to obtain information including contract specification, design drawings and other secret project details. 

US State Dept.   |   NCSC   |   CISA   |   Secureworks   |   Sky   |   NKNews   |   FBI   |   Yahoo

Image: FBI 
