U.S. Says North Korean Charged in Sony Hack, WannaCry attack

A computer programmer accused of working at the behest of the North Korean government was charged Thursday in connection with several high-profile cyberattacks, including the Sony Pictures Entertainment hack and the WannaCry ransomware virus that affected hundreds of thousands of computers worldwide.

Park Jin Hyok, who is believed to be in North Korea, conspired with others to conduct a series of attacks that also stole $81 million from a bank in Bangladesh, according to the Justice Department’s criminal complaint. The U.S. believes he was working for a North Korean-sponsored hacking organization.

The U.S. government has previously said that North Korea was responsible for the 2014 Sony hack, which resulted in the disclosure of tens of thousands of leaked emails and other materials. The FBI had long suspected North Korea was also behind the last year’s WannaCry cyberattack, which used malware to scramble data at hospitals, factories, government agencies, banks and other businesses across the globe.

“This was one of the most complex and longest cyberinvestigations the department has taken,” said John Demers, assistant attorney general for national security.

A Sony spokeswoman declined comment Thursday. Attempts by The Associated Press to reach the alleged hacker were not immediately successful. Two Gmail addresses identified in the FBI in the complaint were listed as disabled.

The hackers used the same aliases and accounts from the Sony attack when they sent spear-phishing emails to several U.S. defense contractors, including Lockheed Martin, and others in South Korea, officials said.

The criminal complaint alleges that the hackers committed several attacks from 2014 until 2018. The investigation is continuing.

Cybersecurity experts have said portions of the WannaCry program used the same code as malware previously distributed by the hacker collective known as the Lazarus Group, which is believed to be responsible for the Sony attack.

It is the first time the Justice Department has brought criminal charges against a hacker said to be from North Korea. In recent years the department has charged hackers from China, Iran and Russia in hopes of publicly shaming other countries for sponsoring cyberattacks on U.S. corporations.

In 2014, for instance, the Obama administration charged five Chinese military hackers with a series of digital break-ins at American companies, and last year, the Justice Department charged Russian hackers with an intrusion at Yahoo Inc.