The U.S. Justice Department has charged North Korean hackers as part of a state-sponsored conspiracy in the 2014 Sony cyberattack.
Park Jin Hyok and other unidentified co-conspirators are being charged with hacking on behalf of the North Korea Reconnaissance General Bureau, the country’s military intelligence agency. The operatives are believed to be part of the Lazarus Group, the hacking group behind the $81 million Bangladesh Bank heist in 2016. This group is also reportedly responsible for the spread of the 2017 WannaCry 2.0 ransomware attack, which infected more than 230,000 computers in 150 countries.
The Sony cyberattack was a historic, massive data breach. “The amount of data released is so large—in the tens of terabytes—that it’s a logistical challenge to even download it, much less analyze it,” Rob Price wrote at the time for the Dot. It included screeners for numerous yet-to-be-released films, scripts, private data on thousands of employees (including names, birth dates, and salaries), performance reviews, and employee travel expenses. With so much salary information leaked, it finally added transparency to the compensation in some movie-related roles, particularly within the visual effects and animation industry.
Individual Sony employees also experienced threats following the Sony cyberattack. The whole campaign was perceived as retaliation for the satirical comedy, The Interview. The movie starred Seth Rogen and James Franco and centered around a plot to assassinate North Korean dictator Kim Jong-un. Sony ended up pulling the film from theaters in the wake of the attack.
In 2015, President Obama ordered sanctions against North Korea over the Sony cyberattack, which was seen as an attack against American values. The Trump administration continued this with a formal 179-page criminal complaint against the Pyongyang operative and other Lazarus Group members.
The documents explain the evidence for a “wide-ranging, multi-year conspiracy to conduct computer intrusions and commit wire fraud by co-conspirators working on behalf of the government of the Democratic Republic of Korea.” The administration filed the complaint in June, but it wasn’t unsealed until this week.
North Korea has denied any allegations of state-sponsored hacking, despite evidence to the contrary.
H/T Washington Post