Risingbd Online Bangla News Portal

BB heist: DoJ charges North Korean programmer

Published: 10:18, 7 September 2018   Update: 15:18, 26 July 2020
International Desk: The US Department of Justice (DoJ) announced charges Thursday against an alleged hacker for the North Korean government in connection with a series of major cyber attacks, marking the first time the United States has brought such charges against a Pyongyang operative.

Park Jin Hyok, officials said, is accused of being part of a conspiracy to hack on behalf of North Korea’s Reconnaissance General Bureau (RGB), the military intelligence agency that controls most of the country’s cyber-capabilities.

He and other unidentified operatives are accused of being members of the Lazarus Group, which also has been implicated in the audacious attempt to steal $1 billion from the Bangladesh Bank in 2016, and in the WannaCry 2.0 virus that affected more than 230,000 computers in 150 countries last year.

The charges against Park, detailed in a 179-page complaint, come as President Trump seeks North Korea’s commitment to fully abandon its nuclear weapons program. They were filed in June, days before Trump met North Korean leader Kim Jong Un at a summit in Singapore, but not unsealed until Wednesday.

Pyongyang has denied allegations of hacking.

“The scale and scope of the cybercrimes alleged by the complaint is staggering and offensive to all who respect the rule of law and the cyber norms accepted by responsible nations,” said Assistant Attorney General John Demers.

The Treasury Department on Thursday also imposed sanctions against Park and the Chosun Expo Joint Venture, a state-owned firm that employed him in Dalian, China. Officials said Park and others operated in North Korea, China and other countries that were not identified. The sanctions allow the United States to seize any of their U.S. assets and prohibit Americans from taking part in any transactions with them.

North Korea was the last of the United States’ four major foreign cyber-adversaries to have hacking-related charges brought against government operatives.

Under the Obama administration, indictments were issued in 2014 against five Chinese military officers for alleged cyber-enabled economic espionage, and in 2016 against seven Iranian hackers for allegedly disrupting bank websites and attempting to disrupt a small New York dam. Last year, the Justice Department obtained indictments of two Russian spies and two criminal hackers in connection with the theft of 500 million Yahoo user accounts in 2014.

North Korea, though reclusive and impoverished, has been highly aggressive in cyberspace and was among the first to deploy disruptive attacks on a large scale — primarily against its arch foe South Korea.

“North Korea’s cyber-forces are among the most disruptive in the world today,” said Dmitri Alperovitch, co-founder of CrowdStrike, a cyberthreat intelligence firm. “Their tradecraft continues to grow in sophistication, and their crimes have harmed the global financial system and nearly every sector of the world economy.”

Park, 34, is a computer programmer educated at a North Korean university who since at least 2002 conducted cyber-operations through Chosun Expo on behalf of Lab 110, or Bureau 110, one of the government’s hacking organizations, the complaint states. He worked in Dalian, near the North Korea border, between 2011 and 2013, returning to North Korea by 2014, before the cyberattack on Sony, officials said.

Shortly before Thanksgiving that year, North Korea-linked hackers wiped data from thousands of Sony computers and stole confidential emails whose disclosure forced the resignation of a top executive. North Korea also targeted AMC theaters, which planned to show a satirical film depicting Kim’s assassination, and a British production company that was planning to produce another feature about North Korea, according to the complaint.

The campaign, carried out as a “false flag” operation by a group calling itself Guardians of the Peace, was allegedly launched in retaliation for the studio’s planned release of the satirical movie, “The Interview.” Earlier that year, Pyongyang had demanded that the studio pull the film. In December, following a torrent of embarrassing leaks and escalating threats, Sony said it would cancel the film’s release.

President Barack Obama, angered by what he saw as an assault on a core American value, in January 2015 directed that sanctions be imposed on Pyongyang, including on the RGB.

Around the same time that Park and other Lazarus Group members conducted the Sony attack, they began targeting banks, the complaint alleges. They used some of the same Gmail accounts and malware employed against Sony, the complaint says.

In 2016, world banking officials were shocked to discover hackers had siphoned $81 million from accounts at Bangladesh Bank in what FBI officials called the largest cyberheist in history. Investigators have said that attack was particularly egregious in that one government attempted to steal $1 billion from another government — and nearly succeeded.

The hackers, officials say, gained access to the bank’s interface with a global electronic messaging system known as SWIFT, which is used to direct money transfers between financial institutions.

Posing as bank employees, the hackers sent fraudulent messages to the Federal Reserve Bank of New York, ordering large money transfers to accounts in other countries. Some $81 million from Bangladesh Bank’s account was sent to banks in the Philippines. Most of that money was sent to casinos in Manila and never recovered.

Source: washingtonpost.com


risingbd/Dhaka/Sep 7, 2018/Nasim
