The US has charged a North Korean programmer for the WannaCry ransomware attack in 2017 and the Sony Pictures hack in 2014.

The programmer, 34-year-old Park Jin Hyok, allegedly works for a North Korean spy agency called the Reconnaissance General Bureau, the US Justice Department said on Thursday.

Although the US previously blamed North Korea for the both the WannaCry and Sony Pictures cyber attacks, this is the first time federal investigators have publicly named a suspect in the crimes.

The Justice Department says Park and other unnamed co-conspirators were involved in a barrage of cyber attacks that also involved an $81 million heist on the Bank of Bangladesh in 2016 and attempts to infiltrate companies such as Lockheed Martin.

The federal arrest warrant for Park was issued by the US in June, but only unsealed today. Park allegedly worked in China from at least 2011 to 2013, but returned to North Korea shortly before the hack on Sony Pictures in 2014.

Officials say Park at times traveled to neighboring China and conducted work under a front company called Chosun Expo, a software and gambling products supplier. One of his goals was to generate revenue for the North Korean government, federal investigators claim.

Recommended by Our Editors

Google Will Soon Spot Fake Calls on Supported Android Phones

Report Cites Misinformation As Key Threat to Election Security, Doesn't Name the Biggest Offenders

Meta's AI Chatbot Allegedly Helped Hackers Hijack Instagram Accounts

To attack his targets, Park and his cohorts used phishing emails that were made to look like official messages from Google or Facebook, but actually contained links to install malware. To breach Sony Pictures, they also created fake Facebook profiles that sent messages to company employees with links to nude photos of celebrities. To target banks, Park allegedly used "watering hole" attacks, which involved secretly taking over legitimate websites to spread malware.

However, federal investigators—who obtained 100 search warrants for 1,000 email and social media accounts involved in the hacks—uncovered a large network of different internet accounts the North Korean programmer allegedly used.

They found that Park used his real name in email accounts for his front company, Chosun Expo. One such account, ttykim1018@gmail.com, has links to tty198410@gmail.com, which was used to target multiple victims including Sony Pictures and the Bank of Bangladesh, federal investigators claim.

"For instance, a remote file-storage service associated with tty198410@gmail.com contained a 5.1 megabyte password-protected file titled '203- 8-24.rar,' and ttykim1018@gmail.com was the only other account that had access to the password-protected file," the complaint against Park says. "Ttykim1018@gmail.com was also listed as one of only two accounts in the contacts list of tty198410@gmail.com."

US officials said they've had no talks with North Korea over extraditing Park, but plan on using US sanctions to both punish him and his front company. Park has been charged with conspiracy to commit wire fraud and other computer-related fraud crimes.

Investigators also suspect Park was working with a whole team of hackers, but they've so far refrained from publicly charging them.

US Sen. Mark Warner, a Virginia Democrat, called Thursday's action "an important step in making clear to our adversaries that these kinds of criminal activities are unacceptable." But he added, "it also points to the need for a clearly thought-out and articulated strategy for deterring and punishing state-sponsored cyberattacks."

Editor's note: This story was updated at 3 p.m. ET with more details.