Search This Blog

Powered by Blogger.

Blog Archive

Labels

U.S. and South Korea Issue Warning on North Korean Hacker Group Linked to Satellite Launch

The primary objective of the group is to conduct espionage by targeting various entities of South Korea, USA, Russia and European Countries.
On Friday, the United States and South Korea released a joint cybersecurity advisory, addressing a North Korean hacker group allegedly responsible for stealing technology utilized in North Korea's recent unsuccessful satellite. South Korea's Foreign Ministry announced unilateral sanctions against the hacker organization, identified as Kimsuky. 

In their joint statement, the United States and South Korea revealed that the Kimsuky group specializes in gathering intelligence related to national security and foreign policy matters concerning the Korean Peninsula. They further alleged that the group shares this intelligence with North Korea while assisting the isolated nation in its purported development of "satellites," which the allies suspect are actually disguised missile tests. 

The statement emphasized that Kimsuky engages in the theft of space and weapons technologies, providing vital support to the regime's ongoing defiance of international sanctions imposed on its nuclear and missile initiatives. In addition to this, the group is also recognized as Velvet Chollima and Black Banshee. The U.S. Cybersecurity and Infrastructure Security Agency has predicted that Kimsuky has likely been operating since 2012. 

Its primary objective is conducting espionage by targeting various entities including South Korean think tanks, industries, nuclear power operators, and the Ministry of Unification. In recent times, Kimsuky has broadened its scope and extended its operations to include nations such as Russia, the United States, and several European countries. 

The group has been "directly or indirectly involved in the development of North Korea's so-called 'satellites' by stealing advanced technologies related to weapons development and satellites and space from all over the world," the statement reads. 

On Wednesday, North Korea launched the Malligyong-1 military reconnaissance satellite, as per their claims. However, during the separation of its first stage, the rocket experienced a loss of thrust and ultimately plunged into the Yellow Sea. 

However, both Seoul and Washington assert that the launch was actually aimed at enhancing the country's ballistic missile capabilities. This action by Pyongyang violates United Nations Security Council resolutions, which prohibit the use of such technology. Despite the unsuccessful outcome of Wednesday's attempt, North Korea is reportedly preparing for a second launch shortly.

Following the incident, Seoul and Washington jointly unveiled new sanctions targeting North Korean information technology workers and organizations suspected of financing the regime's nuclear and missile initiatives. South Korea specifically identified seven North Korean individuals and three entities involved in overseeing the earnings and money laundering activities of these workers. 

The sanctions aim to disrupt the financial networks supporting North Korea's illicit programs. According to the Kimsuky attacks records, in March 2015, South Korea accused Kimsuky of stealing data from Korea Hydro & Nuclear Power. In August 2019, it was revealed that Kimsuky had launched an unprecedented attack targeting retired South Korean diplomats, government officials, and military personnel. 

In September 2020, reports surfaced suggesting that Kimsuky had made an attempted hack on 11 officials associated with the United Nations Security Council, and in May 2021, a lawmaker from the People Power Party disclosed that Kimsuky had been discovered within the internal networks of the Korea Atomic Energy Research Institute.
Share it:

Cyber Security

Data Theft

Hacker group Kimsuky

international hacking

NK

SK

USA