Most Wanted - North Korean Hackers 

The US, South Korea and Britain have accused a North Korea-backed cyber group of carrying out an online espionage campaign to steal military and nuclear secrets. The Andariel group has been compromising organisations around the globe as it attempts to steal highly classified technical information and intellectual property data, according the the British National Cyber Security Centre (NCSC). 

Andariel's campaigns are carried out to "further the regime's military and nuclear ambitions". Now, the US has placed a $10 million bounty on a North Korean citizen connected with Andariel.  He is accused him of attacking health care systems with ransomware as well as hacking NASA and the US Air Force.

The NCSC, along with the FBI in the US and South Korea's national intelligence service, have issued a joint warning and advisory note about Andariel's actions. 

They have urged critical infrastructure organisations to "stay vigilant" against such cyber operations. “The US Department of State’s Rewards for Justice program, administered by the Diplomatic Security Service, is offering a reward of up to $10 million for information leading to the identification or location of any person who, while acting at the direction or under the control of a foreign government, engages in certain malicious cyber activities against US critical infrastructure in violation of the Computer Fraud and Abuse Act,” says the US Dept of State.

Andariel focuses on targeting defence contractors, military organisations and governments for espionage.
Over time, the group has branched out into other sectors, targeting information on nuclear weapons and, particularly during the pandemic, organisations in the life sciences and pharmaceutical sector, according to research by cyber security company Secureworks.

The reward is for information that could lead to the identification or location of Rim Jong Hyok, who is “associated with a malicious cyber group known as Andariel,” the US State Department says.

The FBI also issued a wanted notice for Rim the same day after a US court in Kansas issued a federal warrant for his arrest on July 24 on charges of conspiracy to commit computer hacking and conspiracy to commit promotion money laundering.

Rim is a member of the Andariel Unit that acts on behalf of North Korea’s military intelligence agency, the Reconnaissance General Bureau, the FBI notice says

According to NCSC director of operations Paul Chichester "The global cyber espionage operation that we have exposed today shows the lengths that North Korean state-sponsored actors are willing to go to pursue their military and nuclear programmes."

Andariel is understood to be a unit of the North Korean military's Reconnaissance General Bureau (RGB) 3rd bureau, and the group's malicious cyber activities pose an ongoing threat to critical infrastructure organisations globally, according to the the NCSC. 

The group has primarily targeted defence, aerospace, nuclear and engineering organisations, but also acted against the medical and energy sectors. In particular, Andariel has attempted to obtain information including contract specification, design drawings and other secret project details. 

US Sate Dept.   |   NCSC   |   CISA   |   Secureworks   |   Sky   |    NKNews   |    FBI    |   Yahoo 

Image: FBI 

You Might Also Read: 

Joint Opposition To Online Threats From North Korea:


If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« CrowdStrike’s Cyber Outage Will Cost $Billions
Ghost Accounts Spreading Malware On GitHub »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

National Trading Standards eCrime Team (NTSeCT)

National Trading Standards eCrime Team (NTSeCT)

The National Trading Standards eCrime Team tackles online consumer scams, rip-offs and fraud, as well as those committed by text or email.

Ambersail

Ambersail

Ambersail provide Penetration Testing and Cyber Security Compliance services.

Cydome

Cydome

Cydome offers full-spectrum cybersecurity solutions tailored for the maritime industry.

CyberSec.sk

CyberSec.sk

CyberSec.sk is the Slovak portal bringing the latest cyber security news, politics, tips and instructions on how to protect the internet.

Evidence Talks Ltd

Evidence Talks Ltd

A leading forensic computing authority developing unique digital forensic technologies. Tools that detect potential terrorists & criminals & used by the military, enforcement & intelligence commmunity

Cyberteq

Cyberteq

Cyberteq is an innovative Information and Communication Technology Consulting Company, enabling it’s customers to take full advantage of the latest technologies in a secure manner.

Checksum Consultancy

Checksum Consultancy

Checksum Consultancy specializes in Information security, Risk management, and IT governance.

National Initiative for Cybersecurity Education (NICE)

National Initiative for Cybersecurity Education (NICE)

NICE is a partnership between government, academia, and the private sector focused on cybersecurity education, training, and workforce development.

High Wire Networks

High Wire Networks

High Wire Network’s Overwatch Managed Security Plaform-as-a-Service offers organizations end-to-end protection for networks, data, endpoints and users.

InfoLock

InfoLock

Infolock are experts in data governance, providing consulting and advisory services that help organizations effectively secure, manage, and optimize their data.

Soliton

Soliton

Soliton is a leading Japanese technology company and a pioneer in IT security solutions for protecting company resources and data from external IT security threats.

Mitiga

Mitiga

Mitiga uniquily combines the top cybersecurity minds in Incident Readiness and Response with a cloud-based platform for cloud and hybrid environments.

Cyber Insurance Academy

Cyber Insurance Academy

Cyber Insurance Academy was founded to provide insurance professionals with the knowledge needed to work in cyber-insurance and cyber-related insurance fields.

Appsian Security

Appsian Security

Appsian provides powerful solutions that help organizations take control of their business critical data and financial transactions.

SYN Ventures

SYN Ventures

SYN Ventures invests in disruptive, transformational solutions that reduce technology risk.

Trojan Horse Security

Trojan Horse Security

Trojan Horse Security are specialists in corporate security. Our services include: Comprehensive Cyber Security Analysis, Penetration Testing, Network Security and Security Audits.