DOJ announces charges against North Korean hacker for Sony, Wannacry cyber attacks

The Justice Department is filing charges four years after the Sony hack.

September 6, 2018, 2:21 PM

The Justice Department announced charges Thursday against a North Korean national who U.S. authorities have accused of being behind the massive hack of Sony in 2014 and the Wannacry ransomware attack last year.

Park Jin Hyok is identified as an alleged North Korean programmer who is accused of being "part of a state-sponsored hacking organization responsible for some of the costliest computer intrusions in history," according to an FBI wanted poster released Thursday.

Those attacks include the Sony Pictures Entertainment hack, the Wannacry attack and "a series of attacks targeting banks across the world that collectively attempted to steal more than one billion dollars," according to the FBI.

Park has been charged with one count of conspiracy to commit wire fraud and one count of conspiracy to commit computer-related fraud (computer intrusion), authorities say.

On June 8, a federal warrant was issued for his arrest. He is now considered a fugitive from justice, and his last known whereabouts were in North Korea, federal agents and prosecutors said at a press conference in Los Angeles Thursday.

Officials said Thursday they linked Park to the attacks after finding that email and social media accounts they had been tracing were connected to each other. Officials said Park used proxy services to mask locations.

PHOTO: The Robert F. Kennedy Department of Justice Building is seen in Washington.
The Robert F. Kennedy Department of Justice Building is seen in Washington.
Getty Images, FILE

Park, who also goes by the aliases Pak Jin Hek and Jin Hyok Park, was allegedly working with a company that is affiliated with the North Korean government, according to the FBI.

Officials said during Thursday's press conference that Park's age is unknown, but he is believed to be in his 20s or 30s. He has traveled to China to do legitimate IT work, according to officials, and the FBI is now asking anyone around the globe who sees him to turn him in.

"Park was alleged to be a participant in a wide-ranging criminal conspiracy undertaken by a group of hackers employed by a company that was operated by the North Korean government. The front company -- Chosun Expo Joint Venture, also known as Korea Expo Joint Venture -- was affiliated with Lab 110, one of the North Korean government’s hacking organizations," the wanted poster reads.

The U.S. Department of Treasury on Thursday also sanctioned Park and Chosun Expo Joint Venture.

“We will not allow North Korea to undermine global cybersecurity to advance its interests and generate illicit revenues in violation of our sanctions,” said Treasury Secretary Steven Mnuchin in a statement. “The United States is committed to holding the regime accountable for its cyber-attacks and other crimes and destabilizing activities.”

The Treasury Department said Park allegedly operated in North Korea, China and elsewhere "to perpetrate these malicious activities."

"North Korea has demonstrated a pattern of disruptive and harmful cyber activity that is inconsistent with the growing consensus on what constitutes responsible state behavior in cyberspace," the department said in a statement. "Our policy is to hold North Korea accountable and demonstrate to the regime that there is a cost to its provocative and irresponsible actions."

In 2014, hackers attacked Sony Pictures Entertainment, releasing a trove of emails and stealing personal data from company executives.

The hackers also threatened to attack theaters screening "The Interview" -- a fictional comedy about two Americans who are asked to assassinate North Korean leader Kim Jong-un -- leading several major chains to pull the film from their lineups and Sony to cancel its Christmas Day release date.

Officials said Thursday that big companies linked to productions against North Korea were impacted by Park's alleged hacking, and many of the intrusions started through email phishing scams.

Last year, the Wannacry cyber attack crippled computers around the world.

It was first detected in Europe on May 12, 2017, and by May 15, the attack had hit more than 200,000 hospitals, corporations, government agencies and other organizations in 150 countries. In December, the White House blamed North Korea for the attack.

While U.S. officials have long said that North Korea was responsible for both incidents, the Justice Department formally announced the charges against Park during the press conference in Los Angeles Thursday.

The Department of Justice said Park is "one of many government-backed individuals suspected of being involved."

Earlier on Thursday, President Donald Trump praised North Korean ruler Kim Jong Un on Twitter.

"Kim Jong Un of North Korea proclaims 'unwavering faith in President Trump.' Thank you to Chairman Kim. We will get it done together!" Trump tweeted.

ABC News' Conor Finnegan and Alex Stone contributed to this report.

Related Topics