US Offers $10 Million Reward to Catch North Korean Cyber Attacker

The U.S. Department of State will hand $10 million to whoever can help them track down a North Korean hacker accused of engaging in “cyber operations” against the United States.

Rim Jong Hyok is a North Korean national associated with the “malicious cyber group known as Andariel,” which State Department officials said is “controlled by the DPRK’s military intelligence agency.”

Federal prosecutors meanwhile announced Thursday that he has been indicted for his alleged involvement in a conspiracy to hack American health care providers.

He was indicted by a grand jury in Kansas City and stands accused of laundering ransom money and using it to fund additional cyber attacks on defense, technology and government entities around the world. The hack on American hospitals and other health care providers disrupted the treatment of patients, officials said.

“While North Korea uses these types of cyber crimes to circumvent international sanctions and fund its political and military ambitions, the impact of these wanton acts have a direct impact on the citizens of Kansas,” said Stephen A. Cyrus, an FBI agent based in Kansas City.

Through its “Rewards for Justice” program, the Department is now offering up to $10 million dollars “for information leading to the identification or location” of anyone who has engaged in “malicious cyber activities” against the U.S. under the orders of a foreign government.

Rim’s associates are accused of “malicious cyber activities” and their targets are alleged to have included “foreign businesses, government entities, and the defense industry.”

Andariel used the resulting ransom payments to “fund malicious cyber operations targeting U.S. government entities and U.S. and foreign defense contractors, among others.”

In November 2022, the group hacked an unnamed “U.S.-based defense contractor,” and extracted over 30 gigabytes of data, which included “unclassified technical information regarding material used in military aircraft and satellites.”

“U.S. law enforcement investigators have documented that Andariel actors victimized five healthcare providers, four U.S.-based defense contractors, two U.S. Air Force bases, and the National Aeronautics and Space Administration’s Office of Inspector General,” the statement reads.

The agency also claims that Andariel has been involved in the country’s “illicit arms trade.”

The DOS rewards program was founded in 1984, and has since paid over $250 million in rewards to individuals “who provided actionable information that helped resolve threats to U.S. national security.”

The largest reward ever offered by the agency was $25 million for information leading to the capture of al-Qaeda leader Osama bin Laden.

This attracted “hundreds of anonymous calls but no reliable leads,” according to the Washington Post, citing officials familiar with the program.

The DOS said that the latest, significant reward “underscores the United States’ continued efforts to address the DPRK’s malicious cyber activity against critical infrastructure as well as prevent and disrupt the DPRK’s ability to generate illicit revenue through malicious cyber activity, which it uses to fund its unlawful WMD and ballistic missile programs.”

North Korea’s offensive cyber capabilities have received increased attention in recent months, as tensions between Kim Jong Un and the West continue to deteriorate.

In May, hacking syndicates linked to Pyongyang reportedly infiltrated the personal emails of over 100 South Korean individuals, including high-ranking defense officials.

According to a June report by cloud security company Zscaler, North Korean hackers had used a piece of malware, masquerading as a legitimate Google translation program, to steal email addresses and data from victims, one of whom was a South Korean academic specializing in the geopolitics of the Korean Peninsula.

Do you have a story we should be covering? Do you have any questions about this article? Contact  LiveNews@newsweek.com.