North Korean hackers are attempting to steal nuclear and military secrets from governments and private companies around the world, the UK, US and South Korea have warned.
They say the group – known by the names Andariel and Onyx Sleet – is targeting defence, aerospace, nuclear and engineering entities to obtain classified information, with the aim of advancing Pyongyang’s military and nuclear programs and ambitions.
The group has been seeking information in a wide range of areas – from uranium processing to tanks, submarines and torpedoes – and has targeted the UK, US, South Korea, Japan, India and elsewhere.
US air force bases, Nasa and defence companies are said to have been targeted.
The high-profile warning about this specific group appears to be a sign that its work combining espionage and money-making activity is worrying officials because of its impact both on sensitive technology and every-day life.
The US says the group funds its espionage activity through ransomware operations against US healthcare entities.
Paul Chichester, director of operations for the UK’s National Cyber Security Centre (NCSC), an arm of GCHQ, said: “The global cyber espionage operation that we have exposed today shows the lengths that DPRK state-sponsored actors are willing to go to pursue their military and nuclear programmes.
“It should remind critical infrastructure operators of the importance of protecting the sensitive information and intellectual property they hold on their systems to prevent theft and misuse.”
The NCSC assesses that Andariel is a part of North Korea’s Reconnaissance General Bureau (RGB) 3rd Bureau.
The joint warning issued by the US, UK and South Korea shares advice to help defend against North Korean actors, which it says have also been seeking information on robot machinery, mechanical arms, and 3D printing components.
“This indictment showcases that North Korean threats groups also pose a serious threat to citizens’ everyday lives and can’t be ignored or disregarded,” Michael Barnhart, Mandiant Principal Analyst at Google Cloud said.
“Their targeting of hospitals to generate revenue and fund their operations demonstrates a relentless focus on fulfilling their priority mission of intelligence gathering, regardless of the potential consequences it may have on human lives.”
This is just the latest in a series of warnings about North Korean hackers over the years.
Some of the most high profile cyber incidents have been linked to the country, including an attack on Sony Pictures in 2014 in retaliation for a Hollywood comedy film that depicted the assassination of North Korean leader Kim Jong Un.
North Korea is also known for the activities of Lazarus Group which has carried out major thefts of millions of dollars.
Trump says he will ‘100%’ carry out Greenland tariffs threat, as EU vows to protect its interests
AFP via Getty ImagesKaja Kallas, the EU's foreign policy chief, said the bloc has "no interest to pick a fight,...
US justice department investigates Minnesota Democrats over alleged obstruction of ICE
ReutersCustoms and Border Patrol agents gather as protests continue outside Minneapolis' Whipple Federal Building, which has become a de-facto ICE...
More than 2,000 people reported killed as Trump says ‘help is on its way’
David GrittenandPaul AdamsReutersArmed security forces were deployed at a pro-government rally in Tehran on MondayMore than 2,000 people have been...
The former pop star taking on Yoweri Museveni in Uganda’s election
Getty ImagesWith his charisma, tenacity and everyman appeal, music star Bobi Wine has shaken up Ugandan politics.Since his career pivot...
