Department of Justice (DOJ) Officials have Unsealed a 179 Page Complaint against a North Korean Hacker, marking a New Benchmark in U.S. efforts to Crack Down on Foreign Cyberattacks. The Document alleges that a North Korean Programmer, alongside others, Executed Major Attacks with the backing of Kim Jong Un’s Government. And DOJ Officials are touting the Findings as an Example of their Willingness to go after Foreign Cyber Actors who Engage in Cyberattacks against the U.S. and its Allies.
The DOJ Criminal Charges against North Korean Computer Programmer, Park Jin Hyok Park, and Treasury also Sanctioned Park’s Employer, Chosun Expo Joint Venture, also called Korea Expo Joint Venture (KEJV), it said. The Firm is an “agency, instrumentality, or controlled entity” of the North Korea Government, it added. It was Ssanctioned “for having engaged in significant activities undermining cybersecurity through the use of computer networks or systems against targets outside of North Korea on behalf of the Government of North Korea or the Workers’ Party of Korea.”
“The charges reflect the department's determination and ability to follow the facts and the law, and to hold individuals and nations accountable for their crimes,” Assistant Attorney General for National Security John Demers told Reporters on Thursday. The Allegations Date back to 2014, a Sign that Officials are not willing to let Past Attacks slide as they attempt to Guard against Foreign efforts to Influence the November Midterm Elections.
Demers noted during a Press Call that with the Complaint against North Korea, DOJ has now Retaliated against Four Nations believed to be hostile Cyber Actors; the others are: China, Iran, and Russia. He said that when the U.S. began issuing the Charges, starting with those against Chinese Nationals in 2015, U.S. officials “made clear that working with a foreign government does not immunize criminal conduct.”
The Complaint goes into great Detail about how the Cyberattacks, believed to be backed by the North Korean Government, were carried out. The 2014 Hack on Sony, the Theft of about $81 Million from the National Bank of Bangladesh, and last year’s WannaCry Ransomware Attack are all Described in the Documents.
Experts say that Lengthy and Specific Complaints like the one Issued this past Week help Reveal the Strategies and Techniques used by Hackers, while demonstrating that the U.S. is making Strides in how it Cracks down on Malicious Cyber Actors.
Eric Chien, the Technical Director of Cybersecurity firm Symantec’s Security Response, said that the continuing U.S. Actions against Hostile Nation States shows a High-Level of Commitment on the Part of the Federal Government. “I think the U.S. has demonstrated they're willing to invest and go after these attacks and they're not just going to let them slide,” he said. Symantec had been Tracking the North Korean Hackers and was Referenced in the Complaint. Chien said that while the immediate Impact of the Complaint is unknown, “it's pretty clear the U.S. is intent on taking steps to demonstrate that these types of actions aren't acceptable.”
The Programmer named in the Indictment, Park Jin Hyok, allegedly worked for a Group on Behalf of North Korean Intelligence that was tasked with generating Revenue. Several of the Group’s Hacks focused on Financial Institutions. The Motivations of the North Korean Hackers differed from those of other Countries who usually Engage in other Cyber Crimes. For example, Special Counsel Robert Mueller Charged about a Dozen Russian Military Intelligence Officers with the 2016 Hack of the Democratic National Committee (DNC).
Benjamin Read, Head of Cyber Espionage Analysis for FireEye, said the Extensive Detail in this recent Complaint could send a Message to the North Korean Hackers that U.S. Officials are looking over their shoulder. “I do think the detail is notable because you can really show all of their work,” Read said of the Complaint. “We'll see if that has a different effect than the other public statements.” Researchers at FireEye helped DOJ with its Analysis of some of the Allegations in the Document. Still, Read noted that the U.S. had Slapped Sanctions against North Korea after the 2014 Sony Hack, yet the Hackers forged ahead, taking on more Sophisticated Forms of Attacks.
Lawmakers on both sides of the Aisle, however, raised Questions about the Effectiveness of a Legal Complaint, pointing out that the chances of North Korea Extraditing the Charged Programmer are slim to none.
Sen. Mark Warner (VA), the Ranking Democrat on the Senate Intelligence Committee, called the Complaint an example of why the U.S. needs to have a more Cohesive Strategy in place to deter Cyberattacks.
Sen. Ben Sasse (R-NE) highlighted how much time had passed between the Complaint and the 2014 Hack on Sony. “Cyber war give outsized opportunities to North Korea and it’s important to push back,” Sasse said in a Statement.
Experts said that while the Hackers are likely to continue their Efforts, the Legal Documents nonetheless send a strong Message that the U.S. is Prioritizing the Prosecution of Cyber Crimes. Chien said that U.S. Officials just Five years ago may have Struggled to determine who was behind Cyberattacks, but the New Charging Document is a Sign that Attribution is no longer a Major Hurdle. “I think anyone has to expect that the U.S. is not going to shy away from this and they're going to continue to release these indictments,” He said.
NYC Wins When Everyone Can Vote! Michael H. Drucker
