Britain, the United States and South Korea have warned that North Korean hackers are trying to steal nuclear and military secrets from governments and private companies around the world.
The group, which goes by the names “Andariel” and “Onyx Sleet,” targets defense, aerospace, nuclear energy and engineering entities to obtain classified information with the goal of advancing Pyongyang’s military and nuclear programs and ambitions, they said.
The group has been seeking information across a wide range of areas – from uranium processing to tanks, submarines and torpedoes – and has targeted the UK, US, South Korea, Japan, India and other countries.
US Air Force bases, NASA and defense companies are said to have been targeted.
The high-profile warnings against this particular group appear to indicate that its work, which combines espionage and money-making, worries officials because of its impact on both sensitive technology and everyday life.
The U.S. said the group funded its espionage activities through ransomware operations targeting U.S. healthcare entities.
Paul Chichester, operating director of the National Cyber Security Center (NCSC), an agency of GCHQ, said: “The global cyber espionage campaign we have exposed today demonstrates the lengths to which state-backed actors in North Korea are willing to go to conduct espionage.” Their military and nuclear programs.
“It should serve as a reminder to critical infrastructure operators of the importance of protecting sensitive information and intellectual property on their systems to prevent theft and misuse.”
The NCSC assesses that Andariel is affiliated with North Korea’s Reconnaissance General Bureau (RGB) Third Directorate.
A joint warning issued by the United States, Britain and South Korea provides recommendations to help protect against North Korean actors, who are also said to have been seeking information on robotic machinery, robotic arms and 3D-printed components.
“This indictment demonstrates that North Korean threat groups also pose a serious threat to citizens’ daily lives and cannot be ignored,” said Michael Barnhart, principal analyst at Google Cloud Mandiant.
“Their targeting of hospitals to generate revenue and fund their operations demonstrates their unrelenting commitment to their primary mission of intelligence collection, regardless of the potential consequences to human life.”
This is just the latest in a series of warnings about North Korean hackers over the years.
Some of the most high-profile online incidents have been linked to the country, including a 2014 attack on Sony Pictures in retaliation for a Hollywood comedy film depicting the assassination of North Korean leader Kim Jong Un.
Major thefts worth millions of dollars have also been committed as part of the activities of North Korea’s Lazarus Group.