North Korean hackers have conducted a global cyber espionage campaign to try to steal classified military secrets to support Pyongyang’s banned nuclear weapons program, the United States, Britain, and South Korea said in a joint advisory on Thursday.
The hackers, dubbed Anadriel or APT45 by cybersecurity researchers, have targeted or breached computer systems at a broad variety of defense or engineering firms, including manufacturers of tanks, submarines, naval vessels, fighter aircraft, and missile and radar systems, the advisory said.
“The authoring agencies believe the group and the cyber techniques remain an ongoing threat to various industry sectors worldwide, including but not limited to entities in their respective countries, as well as in Japan and India,” the advisory said.
It was co-authored by the US Federal Bureau of Investigation (FBI), the US National Security Agency (NSA) and cyber agencies, Britain’s National Cyber Security Centre (NCSC), and South Korea’s National Intelligence Service (NIS).
“The global cyber espionage operation that we have exposed today shows the lengths that DPRK state-sponsored actors are willing to go to pursue their military and nuclear programs,” said Paul Chichester at the NCSC, a part of Britain’s GCHQ spy agency.
NORTH KOREAN LEADER Kim Jong Un attends the 10th Plenary Meeting of the 8th Central Committee of the Workers’ Party of Korea in Pyongyang, North Korea, earlier this month. The emerging Axis of Evil – Russia, Iran, Hamas, Hezbollah, and North Korea should alarm us all, states the write. (credit: KCNA/REUTERS)
The FBI also issued an arrest warrant for one of the alleged North Korean hackers, and offered a reward of up to $10 million for information that would lead to his arrest. He was charged with hacking and money laundering, according to a poster uploaded to the FBI’s Most Wanted website on Thursday.
Internationally isolated North Korea, or the Democratic People’s Republic of Korea (DPRK), has a long history of using covert hacking teams to steal sensitive military information.
Prelude to the cyberhacks
In August last year, Reuters exclusively reported that one elite group of North Korean hackers had successfully breached systems at NPO Mashinostroyeniya, a rocket design bureau based in Reutov, a small town on the outskirts of Moscow.
As was the case with that hack, APT45 – a part of North Korea’s Reconnaissance General Bureau intelligence agency – used common phishing techniques and computer exploits to trick officials at the firms they were targeting into giving away access to their internal computer systems, Thursday’s advisory said.
