Latest


South Korea, US, UK issue joint advisory on North Korean cyber group activities

  •   Fri, Jul 26 2024 03:48:26 PM

Seoul, July 26 (IANS): South Korea's cybersecurity authority has issued a joint advisory with its US and UK counterparts against a North Korean cyber group's espionage campaign, targeting classified information in defence, aerospace, nuclear and engineering sectors.

The advisory was issued by South Korea's National Intelligence Service (NIS) and National Police Agency, the US National Security Agency, the UK's National Cyber Security Centre and other related authorities, according to the National Cyber Security Center under the NIS.

The authorities said the cyber group under the North's Reconnaissance General Bureau, widely known as Andariel, has been targeting defence, aerospace, nuclear and engineering entities worldwide to obtain sensitive and classified technical information and intellectual property, Xinhua news agency reported.

This information is used to advance North Korea's military and nuclear capabilities, they added.

"The authoring agencies assess the group has evolved from conducting destructive attacks targeting US and South Korean organisations to conducting specialised cyber espionage and ransomware operations," the advisory read.

Andariel exploits web servers, through software vulnerabilities, to deploy web shells, gain access and then conduct malware and phishing attacks to extort information, the authorities explained.

The advisory recommends critical infrastructure organisations strengthen their monitoring efforts and enhance their cyber protection systems.

Additionally, they noted that Andariel actors also fund their espionage activities through ransomware attacks on US healthcare entities.

On Thursday (US time), the US State Department announced a reward of up to US$10 million for information on Rim Jong-hyuk, a North Korean national known to be associated with Andariel, accusing him of targeting America's critical infrastructure, including hospitals, government entities and defence contractors.

US law enforcement investigators have documented that Andariel actors victimised five healthcare providers, four US-based defence contractors, two US Air Force bases and the National Aeronautics and Space Administration, according to the department.

Last year, Andariel was also found to have stolen digital data containing key technologies from South Korean defence firms and pocketed 470 million won (US$339,154) worth of digital coins via ransomware attacks on other firms.
  

Top Stories


Leave a Comment

Title: South Korea, US, UK issue joint advisory on North Korean cyber group activities



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.

You might also like