Home Alarm over North Korea’s cyber attacks

Alarm over North Korea’s cyber attacks

April 24th — According to authorities in Seoul, North Korean hackers have conducted sweeping cyber attacks against South Korean defense firms. The attacks have prompted warnings for the industry, which urge organizations to take additional cyber security measures.

What happened

Reports say that cyber adversaries infiltrated 83 different companies. Sensitive data from at least six different computers was siphoned off to foreign servers, raising concerns about the cyber security surrounding defense technology.

It is known that information concerning anti-aircraft weapon systems has been stolen. A handful of the defense companies were entirely unaware of having been breached before law enforcement contacted them. Police have not publicly disclosed the names of the affected companies.

Joint advisory

Earlier this year, German and South Korean intelligence agencies presented a joint advisory that noted ongoing North Korean cyber espionage operations targeting the global defense sector. Experts say that current findings may represent the ‘tip of the iceberg’.

Behind the hacks

The hacking efforts have been attributed to groups like Lazarus, Kimsuky and Andariel. Hackers have deployed various tactics, including malware, infiltration during network testing, and exploitation of password weaknesses, to gain access.

The North Korean embassy in Beijing has been approached for comment, although no response has yet been received. The U.S. Office of the Director of National Intelligence has underscored the sophisticated nature of North Korea’s cyber capabilities.

Proactive prevention and defense

As the threat stemming from North Korea’s cyber program persists, authorities stress the need for continuous vigilance and proactive prevention and defense measures.

Authorities have recommended the implementation of two-factor authentication, network segmentation, and password rotation strategies as means of mitigating future risks.

For more on this story, click here. To receive compelling cyber insights, groundbreaking research and emerging threat analyses each week, subscribe to the CyberTalk.org newsletter.