Most Wanted - North Korean Hackers 

The US, South Korea and Britain have accused a North Korea-backed cyber group of carrying out an online espionage campaign to steal military and nuclear secrets. The Andariel group has been compromising organisations around the globe as it attempts to steal highly classified technical information and intellectual property data, according to the British National Cyber Security Centre (NCSC).

Andariel's campaigns are carried out to "further the regime's military and nuclear ambitions". Now, the US has placed a $10 million bounty on a North Korean citizen connected with Andariel. He is accused of attacking health care systems with ransomware as well as hacking NASA and the US Air Force.

The NCSC, along with the FBI in the US and South Korea's national intelligence service, have issued a joint warning and advisory note about Andariel's actions. 

They have urged critical infrastructure organisations to "stay vigilant" against such cyber operations. “The US Department of State’s Rewards for Justice program, administered by the Diplomatic Security Service, is offering a reward of up to $10 million for information leading to the identification or location of any person who, while acting at the direction or under the control of a foreign government, engages in certain malicious cyber activities against US critical infrastructure in violation of the Computer Fraud and Abuse Act,” says the US Dept of State.

Andariel focuses on targeting defence contractors, military organisations and governments for espionage.
Over time, the group has branched out into other sectors, targeting information on nuclear weapons and, particularly during the pandemic, organisations in the life sciences and pharmaceutical sector, according to research by cyber security company Secureworks.

The reward is for information that could lead to the identification or location of Rim Jong Hyok, who is “associated with a malicious cyber group known as Andariel,” the US State Department says.

The FBI also issued a wanted notice for Rim the same day after a US court in Kansas issued a federal warrant for his arrest on July 24 on charges of conspiracy to commit computer hacking and conspiracy to commit promotion money laundering.

Rim is a member of the Andariel Unit that acts on behalf of North Korea’s military intelligence agency, the Reconnaissance General Bureau, the FBI notice says.

According to NCSC director of operations Paul Chichester, "The global cyber espionage operation that we have exposed today shows the lengths that North Korean state-sponsored actors are willing to go to pursue their military and nuclear programmes."

Andariel is understood to be a unit of the North Korean military's Reconnaissance General Bureau (RGB) 3rd bureau, and the group's malicious cyber activities pose an ongoing threat to critical infrastructure organisations globally, according to the NCSC.

The group has primarily targeted defence, aerospace, nuclear and engineering organisations, but also acted against the medical and energy sectors. In particular, Andariel has attempted to obtain information including contract specification, design drawings and other secret project details. 

US State Dept. | NCSC | CISA | Secureworks | Sky | NKNews | FBI | Yahoo
