Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

North Korean hackers target South Korean chipmakers

South Korea’s National Intelligence Service accuses North Korea of stealing processor designs.

user icon David Hollingworth
Tue, 05 Mar 2024
North Korean hackers target South Korean chipmakers
expand image

Hackers from North Korea have been observed targeting semiconductor manufacturers, according to a new report from South Korea’s National Intelligence Service (NIS).

The hacking campaign lasted from the middle of 2023 to “until recently” and involved attempts to compromise multiple chip manufacturers.

In at least two cases, the hackers were able to exfiltrate data in December 2023 and February 2024, respectively. In both instances, the North Korean threat actor was able to steal “product design drawings” and site photos of the targeted manufacturing facilities.

============
============

The NIS believes the cyber attacks are part of a wider effort by North Korea to kickstart its own semiconductor industry. International sanctions restrict the sale of semiconductors to the rogue nation, while at the same time, North Korea is expanding its satellite and missile development programs – two very high-demand industries when it comes to semiconductors.

As to the nature of the attacks, the North Korean hackers relied upon stealthy living-off-the-land techniques to evade detection on South Korean networks.

The NIS has subsequently contacted the impacted manufacturers and offered assistance in preventing further attacks. It has also shared details of the campaign with other semiconductor manufacturers.

“Security updates and access control must be implemented for internet-exposed servers, and account management must be thorough, including regular administrator authentication reinforcement,” an NIS spokesperson said in a statement (translated from the original South Korean).

North Korea is well known for its use of cyber espionage to both steal technology and raise funds domestically. The NIS and Germany’s Bundesamt für Verfassungsschutz released a joint advisory in February warning the international community of North Korean cyber attacks targeting companies in the defence sector.

“The Democratic People’s Republic of Korea (DPRK) puts high emphasis on military strength and focuses on the theft of advanced defence technologies from targets around the world,” the two agencies said at the time.

“The BfV and NIS assess that the regime is using military technologies to modernise and improve the performance of conventional weapons and to develop new strategic weapon systems, including ballistic missiles, reconnaissance satellites, and submarines. DPRK increasingly uses cyber espionage as a cost-effective means to obtain military technologies.”

David Hollingworth

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.