Security News > 2021 > June > North Korea Exploited VPN Flaw to Hack South's Nuclear Research Institute
South Korea's state-run Korea Atomic Energy Research Institute on Friday disclosed that its internal network was infiltrated by suspected attackers operating out of its northern counterpart.
KAERI, established in 1959 and situated in the city of Daejeon, is a government-funded research institute that designs and develops nuclear technologies related to reactors, fuel rods, radiation fusion, and nuclear safety.
Following the intrusion, the think tank said it took steps to block the attacker's IP addresses in question and applied necessary security patches to the vulnerable VPN solution.
"Currently, the Atomic Energy Research Institute is investigating the subject of the hacking and the amount of damage," the entity said in a statement.
Active since 2012, Kimsuky is a North Korean threat actor known for its cyber espionage campaigns targeting think tanks and nuclear power operators in South Korea.
It's worth noting that unpatched VPN systems from Pulse Secure, SonicWall, Fortinet FortiOS, and Citrix have been subjected to attacks by multiple threat actors in recent years.