|
Hacking teams linked to North Korea's intelligence apparatus and
known as Lazarus, Kimsuky and Andariel planted malicious codes
in data systems of the defense companies either directly or
through contractors working with them, the police said.
The police, working with a team of national spy agency and
private sector experts, traced the hacks to the groups,
identifying them by the source IP addresses, the re-routing
architecture of the signals and the signatures of the malwares
used, it said.
In a case that began in November 2022, the hackers planted a
code in the company's public network which then infected its
intranet when the security program protecting the internal
system was temporarily disengaged for a network test, it said.
The hackers also took advantage of the simple security lapse by
employees at subcontractors who used the same passcodes for
their private and official email accounts, breaching defense
company networks and extracting confidential technical data.
The police did not name the companies that have been hacked or
the nature of the data breached.
South Korea has emerged as a major global defense exporter, with
contracts signed in recent years to sell mechanized howitzers,
tanks and fighter jets valued at billions of dollars.
North Korean hacking groups have infiltrated the systems of
South Korean financial institutions and news outlets, foreign
defense companies, and, in a major security breach in 2014, into
South Korea's nuclear power operator.
North Korean hackers are believed to be behind major
cryptocurrency thefts, with the stolen funds being channeled to
its weapons programs.
North Korea denies involvement in hacking operations or crypto
heists.
(Reporting by Jack Kim; Editing by Lincoln Feast.)
[© 2024 Thomson Reuters. All rights
reserved.]
Copyright 2022 Reuters. All rights reserved. This material may
not be published, broadcast, rewritten or redistributed.
Thompson Reuters is solely responsible for this content.
|
|
