Most Wanted - North Korean Hackers 

The US, South Korea and Britain have accused a North Korea-backed cyber group of carrying out an online espionage campaign to steal military and nuclear secrets. The Andariel group has been compromising organisations around the globe as it attempts to steal highly classified technical information and intellectual property data, according the the British National Cyber Security Centre (NCSC). 

Andariel's campaigns are carried out to "further the regime's military and nuclear ambitions". Now, the US has placed a $10 million bounty on a North Korean citizen connected with Andariel.  He is accused him of attacking health care systems with ransomware as well as hacking NASA and the US Air Force.

The NCSC, along with the FBI in the US and South Korea's national intelligence service, have issued a joint warning and advisory note about Andariel's actions. 

They have urged critical infrastructure organisations to "stay vigilant" against such cyber operations. “The US Department of State’s Rewards for Justice program, administered by the Diplomatic Security Service, is offering a reward of up to $10 million for information leading to the identification or location of any person who, while acting at the direction or under the control of a foreign government, engages in certain malicious cyber activities against US critical infrastructure in violation of the Computer Fraud and Abuse Act,” says the US Dept of State.

Andariel focuses on targeting defence contractors, military organisations and governments for espionage.
Over time, the group has branched out into other sectors, targeting information on nuclear weapons and, particularly during the pandemic, organisations in the life sciences and pharmaceutical sector, according to research by cyber security company Secureworks.

The reward is for information that could lead to the identification or location of Rim Jong Hyok, who is “associated with a malicious cyber group known as Andariel,” the US State Department says.

The FBI also issued a wanted notice for Rim the same day after a US court in Kansas issued a federal warrant for his arrest on July 24 on charges of conspiracy to commit computer hacking and conspiracy to commit promotion money laundering.

Rim is a member of the Andariel Unit that acts on behalf of North Korea’s military intelligence agency, the Reconnaissance General Bureau, the FBI notice says

According to NCSC director of operations Paul Chichester "The global cyber espionage operation that we have exposed today shows the lengths that North Korean state-sponsored actors are willing to go to pursue their military and nuclear programmes."

Andariel is understood to be a unit of the North Korean military's Reconnaissance General Bureau (RGB) 3rd bureau, and the group's malicious cyber activities pose an ongoing threat to critical infrastructure organisations globally, according to the the NCSC. 

The group has primarily targeted defence, aerospace, nuclear and engineering organisations, but also acted against the medical and energy sectors. In particular, Andariel has attempted to obtain information including contract specification, design drawings and other secret project details. 

US Sate Dept.   |   NCSC   |   CISA   |   Secureworks   |   Sky   |    NKNews   |    FBI    |   Yahoo 

Image: FBI 

You Might Also Read: 

Joint Opposition To Online Threats From North Korea:


If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« CrowdStrike’s Cyber Outage Will Cost $Billions
Ghost Accounts Spreading Malware On GitHub »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Team Cymru Research NFP

Team Cymru Research NFP

Team Cymru Research is a group of technologists passionate about making the Internet more secure and dedicated to that goal.

Clearwater Security & Compliance

Clearwater Security & Compliance

Clearwater Compliance specialize in Privacy, Security, Compliance and Risk Management Solutions for Health Care, Law Firms and other businesses.

PakCERT

PakCERT

PakCERT is the national Computer Emergency Response Team for Pakistan.

Department of Energy - Cybersecurity, Energy Security, and Emergency Response (CESER)

Department of Energy - Cybersecurity, Energy Security, and Emergency Response (CESER)

The Office of Cybersecurity, Energy Security, and Emergency Response (CESER) addresses the emerging threats of tomorrow while protecting the reliable flow of energy to Americans today.

Slovenian Digital Coalition

Slovenian Digital Coalition

Slovenian Digital Coalition is a coalition working in the field of smart cities, e-commerce, e-skills, e-inclusion, cyber security, internet and other areas related to developing the digital society.

FraudHunt

FraudHunt

FraudHunt protects your website from account fraud, ad fraud, fraud clicks, and malicious bots.

Sphonic

Sphonic

Sphonic provides regulated institutions of any size a powerful compliance & risk platform to quickly and securely onboard new customers and manage ongoing AML and Fraud & Risk trends.

SlowMist

SlowMist

SlowMist is a blockchain ecosystem security company providing cybersecurity audits and protection for leading digital asset exchanges, crypto wallets, public chains, and smart contracts.

Visium Technologies

Visium Technologies

Visium Analytics provides innovative data visualization, cybersecurity technologies and solutions to businesses to protect and secure their data assets.

Optimum Speciality Risks

Optimum Speciality Risks

Optimum Speciality Risks are an experienced team of cyber insurance experts, backed by Lloyds of London.

Bechtle

Bechtle

Bechtle is one of Europe’s leading IT service providers offering a blend of direct IT product sales and extensive systems integration services.

AdaCore

AdaCore

AdaCore is focused on helping developers build safe, secure and reliable software.

The Hacking Games

The Hacking Games

The Hacking Games' Mission is to inspire, educate and mobilise a generation of ethical hackers to make the world a safer place.

Bridgenet Solutions

Bridgenet Solutions

Bridgenet specialises as a top-notch Information and Technology Solutions Provider for businesses.

Metrodata Group

Metrodata Group

PT. Metrodata Electronics, known as Metrodata Group, is the leading information communication technology company in Indonesia.

RedSense

RedSense

RedSense provides industry-leading threat intelligence services, adversary space interaction & monitoring, net flow monitoring and interpretation for our clients.