Asia

North Korean Hackers Try to Prevent South Korea, US From Conducting Drills

MOSCOW (Sputnik) - North Korean hackers from the Kimsuky group tried to attack a South Korean company providing computer simulation services for joint South Korea-US exercises and attempted to carry out a cyberattack on military infrastructure, the Gyeonggi Nambu Provincial Police Agency said on Sunday.
Sputnik
"The security investigation department of the Gyeonggi Police Agency as a result of the investigation into the case of sending several malicious emails in February-March of this year … found out that Kimsuky was behind this," the police said in a statement.
The hackers first managed to enter malicious code via email into the computer of an administrative employee of the company in January, after which they obtained the data of other employees of the company, the statement read. Later, in February, the hacker group sent letters to employees providing computer simulation services for the Freedom Shield military exercises.
The employees tried to open the attached file which allegedly contained information about problems with their tax deductions, but a computer network run by the Pentagon did not allow them to open the file, the statement added.
However, a number of employees of the company forwarded the letters to their personal email and opened malicious files from their own computers, which led to their personal devices being hacked, the police noted, adding that North Korean hackers failed to get military information.
The police, working with the US military, were able to determine that the cyberattack involved fake IP addresses used during the 2014 incident when Kimsuky hacked the South Korean operator of hydro and nuclear power plants, KHNP. In addition, the letters used expressions characteristic of the North Korean language, the statement said.
Discuss