Seoul, July 26 (SocialNews.XYZ) South Korea's cybersecurity authority has issued a joint advisory with its US and UK counterparts against a North Korean cyber group's espionage campaign, targeting classified information in defence, aerospace, nuclear and engineering sectors.
The advisory was issued by South Korea's National Intelligence Service (NIS) and National Police Agency, the US National Security Agency, the UK's National Cyber Security Centre and other related authorities, according to the National Cyber Security Center under the NIS.
The authorities said the cyber group under the North's Reconnaissance General Bureau, widely known as Andariel, has been targeting defence, aerospace, nuclear and engineering entities worldwide to obtain sensitive and classified technical information and intellectual property, Xinhua news agency reported.
This information is used to advance North Korea's military and nuclear capabilities, they added.
"The authoring agencies assess the group has evolved from conducting destructive attacks targeting US and South Korean organisations to conducting specialised cyber espionage and ransomware operations," the advisory read.
Andariel exploits web servers, through software vulnerabilities, to deploy web shells, gain access and then conduct malware and phishing attacks to extort information, the authorities explained.
The advisory recommends critical infrastructure organisations strengthen their monitoring efforts and enhance their cyber protection systems.
Additionally, they noted that Andariel actors also fund their espionage activities through ransomware attacks on US healthcare entities.
On Thursday (US time), the US State Department announced a reward of up to US$10 million for information on Rim Jong-hyuk, a North Korean national known to be associated with Andariel, accusing him of targeting America's critical infrastructure, including hospitals, government entities and defence contractors.
US law enforcement investigators have documented that Andariel actors victimised five healthcare providers, four US-based defence contractors, two US Air Force bases and the National Aeronautics and Space Administration, according to the department.
Last year, Andariel was also found to have stolen digital data containing key technologies from South Korean defence firms and pocketed 470 million won (US$339,154) worth of digital coins via ransomware attacks on other firms.
Source: IANS
Gopi Adusumilli is a Programmer. He is the editor of SocialNews.XYZ and President of AGK Fire Inc.
He enjoys designing websites, developing mobile applications and publishing news articles on current events from various authenticated news sources.
When it comes to writing he likes to write about current world politics and Indian Movies. His future plans include developing SocialNews.XYZ into a News website that has no bias or judgment towards any.
He can be reached at gopi@socialnews.xyz
This website uses cookies.