North Korean charged in crippling Sony hack, WannaCry virus

First Assistant US Attorney Tracy Wilkison announces charges against a North Korean national in a range of cyberattacks on September 6, 2018 in Los Angeles, California. (Mario Tama/Getty Images/AFP)
Updated 07 September 2018
0

North Korean charged in crippling Sony hack, WannaCry virus

LOS ANGELES: A computer programmer working for the North Korean government was charged with devastating cyberattacks on Sony Pictures Entertainment and for the WannaCry ransomware virus that infected computers in 150 countries and crippled parts of the British health care system, federal prosecutors said Thursday.
Park Jin Hyok, who is believed to be in North Korea, conspired to conduct a series of attacks that also stole $81 million from a bank in Bangladesh, according to charges unsealed in Los Angeles federal court following years of investigation. The US believes he was working for a North Korean-sponsored hacking organization.
The US government previously said North Korea was responsible for the 2014 Sony hack that led to the release of a trove of sensitive personal information about employees, including Social Security numbers, financial records, salary information, as well as embarrassing emails among top executives. The hack included four yet-to-be released Sony films, among them “Annie,” and one that was in theaters, the Brad Pitt film “Fury,” and cost the company tens of millions of dollars.
The FBI had long suspected North Korea was also behind last year’s WannaCry cyberattack, which used malware to scramble data on hundreds of thousands of computers at hospitals, factories, government agencies, banks and other businesses across the globe.
“The criminal conduct outlined in this case is intolerable,” said Tracy Wilkison, the first assistant US attorney in Los Angeles. “The North Korean-backed conspiracy attempted to crush freedom of speech in the US and the UK It robbed banks around the world. And it created indiscriminate malware that paralyzed computers and disrupted the delivery of medical care.”
The charges were filed under seal June 8, four days before President Trump’s historic meeting with North Korea’s leader, Kim Jong Un, to discuss ending decades of hostility between the two countries. Prosecutors said the complaint was sealed for a variety of reasons and wasn’t done to prevent derailing the Singapore talks.
“This has nothing to do with the summit and nothing to do with denuclearization,” Wilkison said.
US officials believe the Sony hack was retribution for “The Interview,” a comedy starring Seth Rogen and James Franco in a plot to assassinate Kim. Sony canceled the theatrical release of the film amid threats to moviegoers but released it online through YouTube and other sites.
A Sony spokeswoman declined comment Thursday. Attempts by The Associated Press to reach the alleged hacker were not immediately successful. Two Gmail addresses identified in the FBI in the complaint were listed as disabled.
Among the emails released in the hack was an exchange in which Amy Pascal, then co-chairman of the studio, and “The Social Network” producer Scott Rudin joked about what might be then-President Barack Obama’s favorite movies, listing “12 Years a Slave” and films by black comedian Kevin Hart.
The pair apologized. Pascal left her job months later.
In addition to targeting Sony, hackers sent spear-phishing emails to employees at AMC Theaters, which had planned to screen the movie, and to a British company producing a fictional television series about a scientist taken prisoner in North Korea, authorities said.
The hackers used the same aliases and accounts from the Sony attack when they sent spear-phishing emails to several US defense contractors, including Lockheed Martin, and others in South Korea, officials said.
The criminal complaint says the hackers committed several attacks from 2014 into 2018, attempting to steal more than $1 billion from banks around the world. The investigation is continuing.
The hackers also targeted technology and virtual currency industries, as well as academia and electric utilities, authorities said.
“This case warrants attention whether you are an individual, a small business or a major corporation,” FBI Special Agent Jennifer Boone said. “Terms you’ll see in the complaint, such as watering holes and back doors, don’t sound menacing, but in reality they describe malicious cyber techniques that wreak havoc on our computer systems and our lives.”
Cybersecurity experts have said portions of the WannaCry program used the same code as malware previously distributed by the hacker collective known as the Lazarus Group, which is believed to be responsible for the Sony hack.
The complaint said Park was on a team of programmers employed an organization called Chosun Expo that operated out of Dalian, China, and that the FBI described as “a government front company.”
A North Korea-registered website bearing that company’s name described it as the country’s “first Internet company,” established in 2002.
A 2015 version of the Chosun Expo website said it focused on gaming, gambling, e-payments and image recognition software. It looked in many ways like a typical tech company, boasting of its “pioneering” IT talent and customer satisfaction. By July 2016, Internet archival records show, the company dropped the reference to North Korea from its home page. The site later vanished from the web.
Emails sent to Chosun Expo’s generic email address and to the website’s original registrant, whose name was given as Won Sun Chol, went unreturned.
It is the first time the Justice Department has brought criminal charges against a hacker said to be from North Korea. In recent years the department has charged hackers from China, Iran and Russia in hopes of publicly shaming other countries for sponsoring cyberattacks on US corporations.
In 2014, for instance, the Obama administration charged five Chinese military hackers with a series of digital break-ins at American companies, and last year, the Justice Department charged Russian hackers with an intrusion at Yahoo Inc.
The Treasury Department also added Park Jin Hyok’s name to their sanction list, which prohibits banks that do business in the US from providing accounts to him or Chosun Expo.
Park, whose age is not known, is charged with two counts alleging conspiracies to commit computer and wire fraud — crimes that could carry a prison term up to 25 years.
It’s unlikely he will be extradited because the US has no formal relations with North Korea.
The North Korean government was not notified about the charges, which are likely to be a source of irritation.
Diplomatic efforts have sputtered since the June summit, though Kim said through South Korean security officials Thursday that he still has faith Trump is committed to ending hostile relations.
Trump thanked Kim on Twitter and said, “We will get it done together!“


Pakistan is rapidly becoming a “digital-first country”, Google

Updated 20 November 2018
0

Pakistan is rapidly becoming a “digital-first country”, Google

  • Pakistan digital growth is supported by population and increasing penetration of internet, IT experts
  • Prime Minister’s Taskforce on IT and Telecom to meet next week to draw comprehensive policy

KARACHI: Destine to become the fourth fastest growing economy by 2030, Pakistan, supported by a growing population, fast growing business and increasing penetration of Internet, is poised to grab first position among the digital economies, Information Technology (IT) experts say.
US technology giant, Google, says Pakistan is quickly becoming a “digital-first country”, which means there are new opportunities for brands to reach and engage with consumers that may have previously been overlooked.
“It shows that Google has realized the marketing potential of the country and they are now encouraging businesses to focus on Pakistan as a potential market,” Badar Khushnood, vice president of growth at Fishry.Com and vice chairman of [email protected], commented.
According to Google, there are five reasons for “considering expanding your digital campaigns into Pakistan”.
Pakistan’s growing population is the first reason that makes the country attractive for the foreign and local investors to venture into the IT sector.
“Pakistan has a population of more than 202 million people, which means there are lot of potential consumers coming online every day. And the country is even more urbanized than neighboring India, with nearly 40 percent of total households living in cities,” writes Lars Anthonisen, head of large customer marketing, South Asia, Google.
Pakistan’s economy grew by 5.7 percent in fiscal year 2018. HSBC in is recent report published in September 2018 has projected Pakistan to become the fourth fastest growing economy by 2030.
Around 90 percent of the companies in the country are SMEs which are contributing more that 40 percent to the country’s 313 billion economy, according to the State Bank of Pakistan.
Third attraction, according to Google, is the country’s growing smart phone users. Pakistan has 152 million cellar subscribers, and 60 million 3G/4G subscribers, according to Pakistan Telecommunication Authority (PTA).
This number will likely grow quickly as smart phone prices have dropped over the last few years. Pakistan also has some of the cheapest data prices in the world, which is helping to grow mobile app usage, according to Google.
However, experts say more work is needed to be done to fully utilize the existing potential. “We need to work on optic fibers, penetration of 4G, creation of data centers, telecom infrastructure and most importantly creation of awareness among masses,” Pervaiz Iftikhar, a member of the newly formed prime minister’s Taskforce on IT and Telecom, told Arab News.
Pakistan’s overall Internet penetration stands at 29.9 percent with 62 million broadband subscribers, a fourth attraction for the investor, as per Google. In spite of this, digital consumption in the country continues to grow quickly. YouTube watch time, for example, has seen over 60 percent growth over the last three years.
The Chinese-Pakistan Economic Corridor (CPEC) is the largest Chinese investment venture in Pakistan with around $62 billion, a fifth reason to look toward Pakistan.
The mega project under BRI is not only limited to the infrastructure and energy sector but it is also contributing to the growth of the IT sector in Pakistan.
“One of the first CPEC projects is to lay 820 kilometers of fiber-optic cable, connecting more Pakistanis to the Internet. This is in addition to ongoing investments in 3G and 4G network expansions from China Mobile, and the company has already announced plans to invest another $225 million in 4G expansion (bringing its total investment to $2.4 billion),” writes Lars Anthonisen.
“We have to connect every village through fiber optics that will not only create thousands of jobs but would multiply opportunities for the IT business countrywide,” Pervaiz Iftikhar added.
“A lot of potential exists in the IT sector of Pakistan with the young population turning to computers, smart phones and other digital means, and the country offers big market for local and foreign investors”, Jehan Ara, another member of the prime minister’s Taskforce on IT and Telecom and president of [email protected], commented.
Badar Khushnood, who is also former consultant of Google, Facebook and Twitter, called for comprehensive policy for the growth of the IT sector.
“Taxation systems should be rationalized, simplified, and encouraging for startups. The country also needs data protection laws, and broader cyber laws,” he added.
The first meeting of the prime minister’s Task Force on IT and Telecom is expected to be held next week in Islamabad. “Comprehensive strategy including short term and long term measures would be discussed in the upcoming meeting of taskforce because country needs a policy for the persistent growth of IT and Telecom sector”, Pervaiz Iftikhar informed.