Major North Korean hacker groups have been conducting “all-out” assaults against South Korean defense industries for more than a year, according to South Korea’s police.
According to South Korea’s police on Tuesday, major North Korean hacker gangs have been launching “all-out” cyberattacks against South Korean defense corporations for over a year, breaking into the companies’ internal networks and obtaining technical data.
According to the police, hackers known as Lazarus, Kimsuky, and Andariel, who are connected to North Korea’s intelligence services, introduced malicious software into the defense industries’ data systems either directly or through contractors they used.
Together with a group of experts from the commercial sector and a national intelligence agency, the police were able to link the attacks to the groups by analyzing the malware signatures, the rerouting architecture of the signals, and the source IP addresses of the hacks.
In a case that started in November 2022, the hackers infiltrated the company’s public network by planting a code, and when the internal system’s security software was momentarily disabled for a network test, the code spread to the company’s intranet.
The hackers also gained access to defense business networks and extracted sensitive technical data by taking advantage of a simple security failure committed by subcontractor employees who used the same passcodes for their official and personal email accounts.
The nature of the compromised data and the names of the compromised companies were not disclosed by the police.
With contracts to deliver mechanized howitzers, tanks, and fighter jets valued at billions of dollars signed in recent years, South Korea has emerged as a significant worldwide defense supplier.
Hacking gangs from North Korea have gained access to global defense corporations’ networks, as well as those of South Korean financial institutions, news outlets, and, in a significant security breach in 2014, South Korea’s nuclear power operator.
Large-scale bitcoin thefts are thought to have been carried out by North Korean hackers, who then used the proceeds to finance their weapons development.
North Korea disputes any participation in cyberattacks or cryptocurrency thefts.
Also read: Nurturing Responsible Online Behavior in Students by Building a Culture of Digital Citizenship
Do Follow: CIO News LinkedIn Account | CIO News Facebook | CIO News Youtube | CIO News Twitter
About us:
CIO News is the premier platform dedicated to delivering the latest news, updates, and insights from the CIO industry. As a trusted source in the technology and IT sector, we provide a comprehensive resource for executives and professionals seeking to stay informed and ahead of the curve. With a focus on cutting-edge developments and trends, CIO News serves as your go-to destination for staying abreast of the rapidly evolving landscape of technology and IT. Founded in June 2020, CIO News has rapidly evolved with ambitious growth plans to expand globally, targeting markets in the Middle East & Africa, ASEAN, USA, and the UK.
CIO News is a proprietary of Mercadeo Multiventures Pvt Ltd.