Listen - Have this article read to you.(audio only click below)
Hackers from North Korea have been targeting numerous defense companies.
South Korean authorities have disclosed a significant hacking operation where hackers from North Korea stole defense secrets over the course of a year.
A recent report from the Korean National Police Agency identified three North Korean state-backed groups – Lazarus, Kimsuky, and Andariel – as being responsible for the cyber campaign.
According to reports from the local area, a group targeted a total of 83 defense contractors and subcontractors. They were successful in stealing sensitive information from 10 of these targets over a period of more than a year, from October 2022 to July 2023.
The KPNA discovered that certain companies were not aware that they had been breached when notified by the police.
Learn more about cyber-attacks originating from North Korea by reading about how North Korean attackers are taking advantage of a critical vulnerability in CI/CD systems.
North Korea launched a widespread cyber attack using a variety of tactics to accomplish their objectives.
The KPNA report highlighted a situation where attackers took advantage of a vulnerability in an email system to access and download large files without needing to authenticate.
In a separate incident, cybercriminals exploited weak password security to gain access to the account of a third-party IT maintenance company. They then used this access to infect a defense contractor with malware. The employee whose account was compromised had allegedly used the same password for both personal and work email accounts.
The KPNA shared a third example where administrators temporarily suspended security controls on an internal network for testing purposes. This action inadvertently enabled their adversaries to breach the network and steal sensitive data.
Reports suggest that the breaches that were recently revealed may only be a small part of a larger issue. A defense expert, who chose to remain anonymous, mentioned that North Korean weaponry is becoming more closely resembling that of South Korea. For example, the KN-23 missile, a surface-to-surface missile recently identified in North Korea, bears similarities to the Hyunmoo-4 ballistic missile used by South Korea.
In recent years, South Korea has emerged as a significant participant in the global arms trade, securing contracts valued at billions of dollars for the sale of various military equipment such as howitzers, tanks, and fighter jets.