Most Wanted - North Korean Hackers 

The US, South Korea and Britain have accused a North Korea-backed cyber group of carrying out an online espionage campaign to steal military and nuclear secrets. The Andariel group has been compromising organisations around the globe as it attempts to steal highly classified technical information and intellectual property data, according to the British National Cyber Security Centre (NCSC).

Andariel's campaigns are carried out to "further the regime's military and nuclear ambitions". Now, the US has placed a $10 million bounty on a North Korean citizen connected with Andariel. He is accused of attacking health care systems with ransomware as well as hacking NASA and the US Air Force.

The NCSC, along with the FBI in the US and South Korea's national intelligence service, have issued a joint warning and advisory note about Andariel's actions. 

They have urged critical infrastructure organisations to "stay vigilant" against such cyber operations. “The US Department of State’s Rewards for Justice program, administered by the Diplomatic Security Service, is offering a reward of up to $10 million for information leading to the identification or location of any person who, while acting at the direction or under the control of a foreign government, engages in certain malicious cyber activities against US critical infrastructure in violation of the Computer Fraud and Abuse Act,” says the US Dept of State.

Andariel focuses on targeting defence contractors, military organisations and governments for espionage.
Over time, the group has branched out into other sectors, targeting information on nuclear weapons and, particularly during the pandemic, organisations in the life sciences and pharmaceutical sector, according to research by cyber security company Secureworks.

The reward is for information that could lead to the identification or location of Rim Jong Hyok, who is “associated with a malicious cyber group known as Andariel,” the US State Department says.

The FBI also issued a wanted notice for Rim the same day after a US court in Kansas issued a federal warrant for his arrest on July 24 on charges of conspiracy to commit computer hacking and conspiracy to commit promotion money laundering.

Rim is a member of the Andariel Unit that acts on behalf of North Korea’s military intelligence agency, the Reconnaissance General Bureau, the FBI notice says.

According to NCSC director of operations Paul Chichester, "The global cyber espionage operation that we have exposed today shows the lengths that North Korean state-sponsored actors are willing to go to pursue their military and nuclear programmes."

Andariel is understood to be a unit of the North Korean military's Reconnaissance General Bureau (RGB) 3rd bureau, and the group's malicious cyber activities pose an ongoing threat to critical infrastructure organisations globally, according to the NCSC.

The group has primarily targeted defence, aerospace, nuclear and engineering organisations, but also acted against the medical and energy sectors. In particular, Andariel has attempted to obtain information including contract specification, design drawings and other secret project details. 

US State Dept.   |   NCSC   |   CISA   |   Secureworks   |   Sky   |   NKNews   |   FBI   |   Yahoo

Image: FBI 
