The US Department of Justice on Thursday unsealed a criminal complaint charging a suspected North Korean operative with involvement in a series of cyberattacks, including the 2014 hack of Sony Pictures and the 2017 WannaCry malware attack.
The document alleges that Park Jin Hyok, a North Korean citizen, was a member of a government-backed team of hackers known as the “Lazarus Group,” while also working for a front company from the North Korean government called Chosun Expo Joint Venture.
In addition to the Sony and WannaCry attacks, the complaint links Park with the 2016 theft of US$81 million from Bangladesh Bank and a host of attacks on “entertainment, financial services, defense, technology, and virtual-currency industries, academia, and electric utilities.”
In a statement summarizing the charges, one top Justice Department official said the attacks caused “unprecedented economic damage and disruption to businesses in the United States and around the globe.”
US defense contractors, including Lockheed Martin, were among the alleged targets, though the document says the attempts to infiltrate Lockheed’s computer systems were not successful.
The complaint includes several charts detailing alleged operations: