FBI
This FBI-provided photo shows Rim Jong Hyok, a member of the Andariel Unit of the North Korean Government’s Reconnaissance General Bureau, a North Korean military intelligence agency.
CNN  — 

The US Justice Department on Thursday announced the indictment of an alleged North Korean government-backed hacker for allegedly participating in a scheme to break into US hospital computer systems and extort them for ransom.

Rim Jong Hyok is part of a group of hackers working for North Korea’s military intelligence agency that uses ransoms collected from health care providers to fund further hacking operations against US government agencies and contractors, the US government alleges.

The hacks of health care providers locked up medical records and disrupted health care services in the US, US officials said. The North Korean hackers’ victims included hospitals in Florida and Kansas, health care firms in Arkansas and Connecticut, and a medical clinic in Colorado, according to the indictment unsealed in the US District Court for the District of Kansas.

The State Department offered a reward of up to $10 million for information on Rim.

US, South Korean and British government security agencies also on Thursday released information on the North Korean hackers’ tactics and warned that the hackers were targeting classified and other sensitive information at nuclear, aerospace and other sectors to advance Pyongyang’s military and nuclear programs.

One hack in 2022 carried out by the North Korean group against a US defense contractor led to the theft of reams of sensitive data, including material used in military aircraft and satellites, according to the State Department. Much of the stolen information was from 2010 or earlier, the department said.

North Korean hackers have stolen billions of dollars from banks and cryptocurrency firms over the last several years, providing a key source of revenue for the regime, according to reports from the United Nations and private firms.

Thwarting North Korean hacking and money laundering has become a national security priority for the Biden administration. About half of North Korea’s missile program has been funded by cyberattacks and cryptocurrency theft, a White House official said last month.

CNN previously reported on how South Korean spies and American companies try to intercept cryptocurrency stolen by North Korean hackers. Another CNN investigation identified one cryptocurrency entrepreneur who said his firm had unwittingly sent a North Korean IT worker tens of thousands of dollars.