North Korea has unleashed its army of hackers in an effort to steal trade secrets from South Korea so that it can create its own heavy construction industry.
Hackers from North Korea target the equipment and construction industries in South Korea. In an attempt to obtain trade secrets from South Korea that it could utilize to establish its own heavy industry, North Korea has let loose its army of hackers. The primary perpetrators of the hacks were identified as Kimsuky and Andariel, two state-sponsored North Korean hacker groups, in a joint cybersecurity alert issued by South Korea’s Cybersecurity Intelligence Community (KCIC). The Reconnaissance General Bureau (RGB), a North Korean intelligence organization established in 2009 to conduct covert operations against South Korea, Japan, and the United States, is connected to both cyber organizations.
The advice stated, “It is uncommon for two hacking groups under the RGB to concentrate on attacking a particular sector at the same time in order to accomplish the same policy objectives, indicating the need for thorough preparation.” The hacking groups are focusing on the building, machinery, and urban development sectors in South Korea as part of North Korea’s revitalized economic drive, which includes ambitions to create 20 cutting-edge industrial plants throughout the nation. According to the KCIC, there has been a notable surge in cyber assaults that specifically target government personnel and these specific sectors.
The KCIC stated that the North Korean government, military, and party are committed to carrying out this policy and that their hacking groups are also fully involved. It stated, “It is suspected that North Korea intends to use the stolen data related to our country’s industrial plant construction and local development plans,” referring to the construction, machinery, and urban development sectors.
Using the website of a construction industry professional association, the Kimsuky hacking group disseminated malware in a January cyberattack that was reported by South Korean intelligence. The security authentication software that was utilized to access the website concealed the malware. Employees of construction companies, public institutions, and municipal governments all had their personal computers compromised as a result of accessing the website. The attackers are thought to have “carefully” planned their operation to change the security authentication software by taking advantage of a file upload vulnerability on the professional association’s website. Presumably, the hackers wanted to gain access to technical data and vital information about significant building projects by using the credentials of officials in the construction industry that had been compromised.
Another incident occurred in April when the North Korean hacker group Andariel replaced update files on the systems of construction and machinery enterprises with malware by taking advantage of flaws in the VPN information security software. Andariel also took advantage of weaknesses in server security products in addition to VPN products. According to South Korean intelligence, the threat actors were able to spread the remote control malware DoraRAT with the intention of utilizing it to transfer significant machine and equipment-related design data to the C2 server.
Some of the North Korean hacking groups are Kimsuky and Andariel, which use destructive online behavior such as espionage and attacks on the cryptocurrency industry to bolster the regime’s finances and achieve its geopolitical objectives.
Also read: Achieving Rapid Outcomes with AI-Driven Cloud Analytics
Do Follow: CIO News LinkedIn Account | CIO News Facebook | CIO News Youtube | CIO News Twitter
About us:
CIO News is the premier platform dedicated to delivering the latest news, updates, and insights from the CIO industry. As a trusted source in the technology and IT sector, we provide a comprehensive resource for executives and professionals seeking to stay informed and ahead of the curve. With a focus on cutting-edge developments and trends, CIO News serves as your go-to destination for staying abreast of the rapidly evolving landscape of technology and IT. Founded in June 2020, CIO News has rapidly evolved with ambitious growth plans to expand globally, targeting markets in the Middle East & Africa, ASEAN, USA, and the UK.
CIO News is a proprietary of Mercadeo Multiventures Pvt Ltd.
