Security News > 2023 > May > North Korean hackers breached major hospital in Seoul to steal data
The Korean National Police Agency warned that North Korean hackers had breached the network of one of the country's largest hospitals, Seoul National University Hospital, to steal sensitive medical information and personal details.
The intrusion techniques observed in the attacks, the IP addresses that have been independently linked to North Korean threat actors, the website registration details, the use of specific language and North Korean vocabulary.
The KNPA press release cautioned that North Korean hackers might try to infiltrate information and communication networks across various industries.
"We plan to actively respond to organized cyber-attacks backed by national governments by mobilizing all our security capabilities and to firmly protect South Korea's cyber security by preventing additional damage through information sharing and collaboration with related agencies," warned the KNPA. North Korean hackers have been previously linked to hospital network intrusions aiming to steal sensitive data and extort a ransom payment from healthcare organizations.
More specifically, the U.S. government has highlighted the Maui ransomware threat as such, warning the healthcare sector that they need to raise their defenses against the North Korean operation.
Lazarus is known for targeting South Korean entities with ransomware since April 2021.
News URL
Related news
- North Korean govt hackers linked to Play ransomware attack (source)
- North Korean hackers pave the way for Play ransomware (source)
- North Korean hackers employ new tactics to compromise crypto-related businesses (source)
- North Korean Hackers Target Crypto Firms with Hidden Risk Malware on macOS (source)
- North Korean hackers use new macOS malware against crypto firms (source)
- North Korean Hackers Target macOS Using Flutter-Embedded Malware (source)
- North Korean hackers create Flutter apps to bypass macOS security (source)
- North Korean Hackers Steal $10M with AI-Driven Scams and Malware on LinkedIn (source)
- North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks (source)
- Radiant links $50 million crypto heist to North Korean hackers (source)