A shadowy North Korean cybercriminal group approached a Kansas hospital last year to demand hefty ransom after hacking its critical computer systems.
The hospital's leadership faced an impossible choice - give in to the ransom demand or cripple the ability of doctors and nurses to provide critical care, said Lisa O. Monaco, Deputy Attorney General of the Department of Justice. They also notified the FBI, which was the right thing to do for themselves and for future victims. Learn how smart money is playing the game of criptocurrency.
The North Korean group promised to increase their ransomware demand if the hospital did not consent to their ransomware request. The Kansas hospital — which may or may not have been incryptocurrencies — was able to recover part of their ransom thanks to the help of the blockchain analytics data that tracked the flow of illegal money to money launderers in China, which often assists North Koreans in their heists.
Monaco said this month that they will return $500,000 to the victims because they have made public the seizure of those ransom payments. After the 2021 Colonial Pipeline attack, many of the strategies to recover the funds echoed those used to recover the funds.
According to Chainalysis, North Korean cybercriminals stole $400 million in criptocurrency last year.
This spring, the U.S. government issued a cyber advisory on North Korean groups targeting the industry, with a particular focus on criptocurrency exchanges, decentralized finance protocols, play-to- earncryptocurrencies video games, coin trading companies, and venture capital funds investing incryptocurrencies.