On-Air Saturdays 10-2, Sundays 1-6 and Fill In

North Korean man indicted for cyberattack on Kansas hospital

Home
Local News
News
North Korean man indicted for cyberattack on Kansas hospital

Posted July 25, 2024

The U.S. Attorney’s Office for Kansas and the Department of Justice have announced an indictment against a North Korean national for his involvement in a conspiracy to hack and extort hospitals and other health care providers. A grand jury in Kansas City, Kansas returned the indictment on Wednesday against a man identified as Rim Jong Hyok.

The U.S. Attorney for the District of Kansas, Kate Brubacher, announced the indictment at a news conference with FBI officials. She said Hyok and others used ransomware to extort money from hospitals in Kansas, Arkansas and other states. She did not identify the Kansas hospital, but she said the attack happened in May 2021 when hackers encrypted the medical center’s files and servers. The hospital paid about $100,000 in Bitcoin to get its data back. Brubacher said the Justice Department has recovered that ransom as well as a payment from a Colorado healthcare provider affected by the same ransomware.

Special Agent in Charge Stephen Cyrus with the FBI Kansas City field office said the hackers would launder the proceeds from the extortion scheme and then North Korea would use it to continue cyberattacks on U.S. government, technology and defense agencies. He said this had a direct impact on the citizens of Kansas, “These actions keep our families from getting the health care they need, slowing the response of our first responders, endangering our critical infrastructure and, ultimately, costing Kansans through ransoms paid, lost productivity, and money spent to rebuild our networks following cyber attacks. Today’s charges prove these cyber actors cannot act with impunity and that malicious actions against the citizens of Kansas and the rest of the United States have severe consequences.”

The U.S. State Department has announced a $10 million reward for information leading to the identification or location of Rim. The indictment alleges that Rim worked for North Korea’s Reconnaissance General Bureau (RGB), a military intelligence agency, and participated in the conspiracy to target and hack computer networks of U.S. hospitals and other health care providers, encrypt their electronic files, extort a ransom payment from them, launder those payments, and use the laundered proceeds to hack targets of interest to the North Korean regime.