US Offers $10M Double-Reward for North Korea Cyberattacker Info

North Korean state-sponsored actors, who help economically prop up Kim Jong Un's dictatorship, continue to pummel US infrastructure.

Image of North Korean flag
Source: Panther Media GmbH via Alamy

The federal Rewards for Justice program has doubled, to $10 million, the available reward for useful information about North Korean state-sponsored actors' attacks on US healthcare systems and other critical infrastructure.

The State Department has a Tor-based tip line where anyone can submit information they have on North Korean-sponsored threat actors, including Lazarus Group, Kimsuky, BlueNoroff, and Andariel, all linked to the DPRK government apparatus.

Earlier this month, the FBI, US Cybersecurity and Infrastructure Agency (CISA), and the Treasury Department issued a warning that North Korean state-sponsored actors are attacking the US healthcare and public health sectors with a new ransomware tool called Maui.

Also in July, Microsoft warned that a North Korean APT threat it calls DEV-0530 has been using a custom ransomware dubbed H0lyGh0st to successfully compromise small businesses in multiple countries.

The hefty reward signals the success the DPRK has had using cybercrime to fund its activities as a way to work around stringent international sanctions, according to Kevin Bocek, vice president of security strategy and threat intelligence at Venafi.

"This money is being funneled directly into weapons programs, and cybercrime has become an essential cog in the ongoing survival of Kim Jong Un's dictatorship," Bocek said via email, in reaction to the reward hike announcement. "Worryingly, this blueprint is also being mimicked by other rogue states. So, cutting North Korean cybercrime off at the source is essential to the national security of the U.S. and its allies."

About the Author

Becky Bracken, Senior Editor, Dark Reading

Dark Reading

Becky Bracken is a veteran multimedia journalist covering cybersecurity for Dark Reading.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights