Suspected North Korean cyberattack targets South Korean nuclear research institute



North Korean hackers have recently targeted South Korean think tanks and security agencies. Their main target seemed to be the Korea Atomic Energy Research Institute (KAERI), the only nuclear research institute in Korea. In response to recent attacks, the US State Department has called for strengthening international joint efforts against North Korea’s cyber threats.

According to the National Intelligence Service (NIS) of South Korea, KAERI is likely to have been exposed to cyber attacks by North Korea for 12 consecutive days, local media report.. The attack appeared to have been carried out by a North Korean state-affiliated organization. Fortunately, they are not believed to have led to a leak of KAERI’s core research.

so Press conference On June 18, People Power Party (PPP) lawmaker Ha Tae-keung, an intelligence officer in the Korean National Assembly, informed the media of the cyberattack and urged the government to investigate.

“On May 14, 13 unauthorized external IP addresses broke into KAERI’s intranet. The Issue Makers Lab, an organization investigating North Korean cyber terrorism, tracked IP sources and some We have confirmed that the IP address belongs to the North Korean reconnaissance agency (RGB) hacker organization “Kimsuky”, “Ha said.

Two days later, June 20, Korea Jun Ahn Daily report The hacker also targeted Daewoo Shipbuilding & Marine (DSME), South Korea’s leading submarine maker and supplier to the South Korean Navy. However, according to some government sources, the attack could leak important data. The exact time of the hack has not been determined, but it has been reported to have occurred in the past year.

At a press conference July 4thHa said he received multiple reports showing that North Korea may have stolen technical data on a nuclear-powered submarine jointly developed by KAERI and DSME. Ha added that this is not the first time DSME has been targeted. April 2016, Major hack According to North Korea, 40,000 internal data, including more than 60 military secrets, were leaked. This was one of the largest national security leaks in Korean history.

Target aerospace industry

on June 30Korea Aerospace Industries (KAI), a South Korean defense company, reported a cyberattack and requested police. Research.. On the same day, Congressman Ha suggested that the KAI and KAERI attacks were carried out in the same time frame and are likely to have been carried out by the same North Korean hacker organization, Kimsky. Ha did not reveal the exact time of the attack.

Ha too clearly KAI is currently manufacturing jets for the Korean fighter KF-X series, and hackers may have obtained the latest KF-21 blueprints.

KAI was the target of a cyberattack in May 2020, according to a South Korean defense ministry report that did not disclose the exact time.

North Korean hackers threaten: US State Department

US State Department spokesman Ned Price in response to recent cyberattacks Said on July 8th North Korean hackers pose a serious threat, and the international community should step up joint efforts to counter them.

“It is imperative for the international community that network advocates and the general public remain vigilant and work together to mitigate the cyber threat posed by North Korea,” Price emphasized.

February 17 John C. Demers, deputy prosecutor of the U.S. Department of Justice’s State Department of Justice, said North Korean agents used “keyboards, not guns” to steal encrypted currency from digital wallets. .. And they became “the world’s leading bank robbers”.

Demers also at an event hosted by a Washington think tank in October 2020 Said The Chinese Communist Party (CCP) supported North Korea’s cyber theft and money laundering. He suggested that the Chinese Communist Party may have supported North Korea through cyber infrastructure, shared its expertise and provided training.

March 2020, US Department of Justice Charged Two Chinese citizens detailed that North Korean agents laundered cryptocurrencies worth more than $ 100 million and used hacking operations to circumvent sanctions.

Posted on