- The Washington Times - Thursday, September 6, 2018

The Trump administration charged a North Korean spy Thursday with the 2014 hack of Sony Pictures Entertainment, and said the rogue regime in Pyongyang has been responsible for other attacks on banks, film studios and defense contractors across the globe.

The Sony hack, which resulted in a temporary worldwide shutdown of the company’s computer systems, was believed to be retaliation for the studio’s role in producing and distributing “The Interview,” a comedy mocking North Korean leader Kim Jong-un.

Authorities charged Park Jin Hyok with computer and wire fraud. They said Mr. Park is tied to North Korea’s Reconnaissance General Bureau, a state-sponsored intelligence agency that oversees the country’s cyber capabilities.

They also accused him of helping develop the February 2016 Bangladesh Bank cyber heist that saw $1 billion swiped from the financial institution, last year’s WannaCry 2.0 ransomware attack, which infiltrated more than 230,000 computers in 150 countries. That virus brought the British health-care system to a halt, infecting more than 70,000 devices, including MRI scanners and blood-storage refrigerators.

“In sum, the scope and damage of the computer intrusions perpetrated and caused by the subjects of this investigation, including Park, is virtually unprecedented,” U.S. prosecutors wrote in the 179-page compliant.

The charges were announced as President Trump is involved in high-stakes negotiations with Mr. Kim over his country’s nuclear weapons program.

It’s doubtful Mr. Park will ever face trial in the U.S., which does not have an extradition treaty with North Korea.

John Demers, assistant attorney general for the Justice Department’s National Security Division said it was one of the “most complex and longest cyber investigations” the department has undertaken.

“When the National Security Division started charging state sponsored hacking in 2014, we made it clear that working for a foreign government does not immunize them,” Mr. Demers said.

Also Thursday, the Treasury Department added Mr. Park’s name to its sanctions list. That means no bank or other financial institution that does business in the U.S. can do business with Mr. Park or provide him with an account.

“We will not allow North Korea to undermine global cybersecurity to advance its interests and generate illicit revenues in violation of our sanctions,” Treasury Secretary Steven T. Mnuchin said in a statement.

The Treasury said it will also sanction the Chosun Expo Joint Venture, also known as the Korea Expo Joint Venture, an entity that employed Mr. Park. Both the Treasury and the Justice departments said the company is a front for the North Korean government.

Chosun Expo employed a team of North Korea programmers in China, according to the complaint against Mr. Park. However, nothing the filing appears to indicate that China was involved in the hacking.

The charges against Mr. Park mark the first time the U.S. has accused a North Korean operative of a cybercrime, according to the Justice Department. In previous years, the Justice Department has charged hackers from Iran, Russia and China.

North Korea had long been suspected in the 2014 Sony Pictures hack. In January 2015, then-President Obama installed additional economic sanctions on the country in response to the hack. North Korean leaders said the accusations were groundless and the new sanctions was “stirring up bad blood towards” the country.

Although the country never said outright denied the hack, the state-run Korean Central News Agency dismissed reports of North Korea’s involvement as a “wild rumor.”

Sony Pictures lost more than 70 percent of its computer capability, erasing data on both personal computers and more than half of its servers, according to the complaint. In addition, several unreleased movies were stolen and posted on file-sharing sites for public download.

Perhaps most disturbing was the image of Sony Pictures studio chief Michael Lynton’s severed head appearing on all of its employees’ computer screens. Sony responded with a worldwide shutdown of its computer systems, leaving employees without voice mail, email or any computer devices.

It is estimated the hack cost the film company more $100 million.

Mr. Park is also accused of sending Malware to employees of AMC Theatres, one of the movie chains scheduled to show “The Interview.” Using a fake email address, Mr. Park created a Facebook account to show that he had been conducting online reconnaissance of AMC employees, U.S. authorities said.

The charges against Mr. Park were unsealed within hours of Mr. Trump praising North Korea’s leader in an early morning tweet. It is not known whether the White House knew the Justice Department would indict Mr. Park in the cyberattacks.

“Kim Jong Un of North Korea proclaims ‘unwavering faith in President Trump.’ Thank you to Chairman Kim. We will get it done together!,” Mr. Trump tweeted Thursday morning.

Sen. Mark Warner, Virginia Democrat and vice chairman of the Senate Select Committee on Intelligence, praised the FBI and Department of Justice.

“This indictment is the result of years of hard work by the FBI and Department of Justice, and is an important step in making clear to our adversaries that these kinds of criminal activities are unacceptable,” he said in a statement. “It also points to the need for a clearly thought-out and articulated strategy for deterring and punching state-sponsored cyber attacks.”

Sen. Ben Sasse, Nebraska Republican, echoed the sentiments of his colleague on the opposite side of the aisle.

“It’s been four years since North Korea’s petty little despot hacked Sony Pictures because he didn’t like a movie that a free and open society produced,” he said. “Kim showed the world both how small he was and how capable his cyber soldiers can be. Cyber war gives outsized opportunities to North Korea and its important to push back.”

Copyright © 2019 The Washington Times, LLC. Click here for reprint permission.

The Washington Times Comment Policy

The Washington Times welcomes your comments on Spot.im, our third-party provider. Please read our Comment Policy before commenting.


Click to Read More and View Comments

Click to Hide