The FBI has charged a North Korean computer programmer with a series of high-profile cyber attacks including the 2017 WannaCry ransomware attack and the hacking of Sony Pictures in 2014.
Park Jin Hyok, who is believed to be in North Korea, acted on behalf of the North Korean government, the US says.
He is also charged with conspiring with others to steal $81 million from a bank in Bangladesh, according to the Justice Department’s criminal complaint.
The US believes he was working for a North Korean-sponsored hacking organisation also known as the Lazarus Group, which tried to breach multiple other US businesses, according to the complaint, including defence contractor Lockheed Martin Corp.
The complaint said there was no evidence Lockheed was breached.
The FBI had long suspected North Korea was also behind the last year’s WannaCry cyberattack, which used malware to scramble data at hospitals, factories, government agencies, banks and other businesses across the globe.
It infected more than 300,000 computers in 150 countries and was considered unprecedented in scale at the time, knocking British hospitals offlineand disrupting FedEx’s IT networks.
The Sony attack led to the release of a trove of sensitive personal information about Sony employees, including social security numbers, financial records, salary information, as well as embarrassing emails among top executives.
The hack included four yet-to-be released Sony films, among them Annie, and one that was in theatres, the Brad Pitt film Fury, and cost the company tens of millions of dollars.
“This was one of the most complex and longest cyber investigations the department has taken,” assistant attorney general for national security John Demers said.
US officials believe the Sony hack was retribution for The Interview, a comedy film that starred Seth Rogen and James Franco and centred on a plot to assassinate North Korea’s leader, Kim Jong-un.
Sony cancelled the theatrical release of the film amid threats to moviegoers but released it online through YouTube and other sites.
The criminal complaint, filed in Los Angeles, alleges the hackers committed several attacks from 2014 until 2018. The investigation is continuing.
It is the first time the Justice Department has brought criminal charges against a hacker said to be from North Korea.
In recent years the department has charged hackers from China, Iran and Russia in hopes of publicly shaming other countries for sponsoring cyberattacks on US corporations.
But it is unlikely he will be extradited because the US has no formal relations with North Korea and the North Korean government was not notified about the charges.