North Korea launches global cyber espionage to steal military secrets: US, UK, South Korea

Hackers targeted and breached computer systems at a broad variety of defence and engineering firms


Reuters July 25, 2024
PHOTO: REUTERS

LONDON:

North Korean hackers have conducted a global cyber espionage campaign to try to steal classified military secrets to support Pyongyang's banned nuclear weapons programme, the United States, Britain and South Korea said in a joint advisory on Thursday.

The hackers, dubbed Anadriel or APT45 by cybersecurity researchers, have targeted or breached computer systems at a broad variety of defence or engineering firms, including manufacturers of tanks, submarines, naval vessels, fighter aircraft, and missile and radar systems, the advisory said.

"The authoring agencies believe the group and the cyber techniques remain an ongoing threat to various industry sectors worldwide, including but not limited to entities in their respective countries, as well as in Japan and India," the advisory said.

It was co-authored by the US Federal Bureau of Investigation (FBI), the US National Security Agency (NSA) and cyber agencies, Britain's National Cyber Security Centre (NCSC), and South Korea's National Intelligence Service (NIS).

"The global cyber espionage operation that we have exposed today shows the lengths that DPRK state-sponsored actors are willing to go to pursue their military and nuclear programmes," said Paul Chichester at the NCSC, a part of Britain's GCHQ spy agency.

The FBI also issued an arrest warrant for one of the alleged North Korean hackers, and offered a reward of up to $10 million for information that would lead to his arrest. He was charged with hacking and money laundering, according to a poster uploaded to the FBI's Most Wanted website on Thursday.

Internationally isolated North Korea, or the Democratic People's Republic of Korea (DPRK), has a long history of using covert hacking teams to steal sensitive military information.

In August last year, Reuters exclusively reported that one elite group of North Korean hackers had successfully breached systems at NPO Mashinostroyeniya, a rocket design bureau based in Reutov, a small town on the outskirts of Moscow.

As was the case with that hack, APT45 - a part of North Korea's Reconnaissance General Bureau intelligence agency - used common phishing techniques and computer exploits to trick officials at the firms they were targeting into giving away access to their internal computer systems, Thursday's advisory said.

COMMENTS

Replying to X

Comments are moderated and generally will be posted if they are on-topic and not abusive.

For more information, please see our Comments FAQ