Security News > 2024 > April > DPRK hacking groups breach South Korean defense contractors
The National Police Agency in South Korea issued an urgent warning today about North Korean hacking groups targeting defense industry entities to steal valuable technology information.
The police discovered several instances of successful breaches of defense companies in South Korea involving the hacking groups Lazarus, Andariel, and Kimsuky, all part of the North Korean hacking apparatus.
The police report highlights three cases involving each of the mentioned hacking groups, displaying multi-faceted attack methods aimed at stealing defense tech.
Lazarus hackers exploited poorly managed network connection systems designed for testing and penetrated the internal networks of a defense company since November 2022.
The Korean police recommends both defense companies and their subcontractors to improve network security segmentation, periodic password resets, setting up two-factor authentication on all critical accounts, and blocking foreign IP accesses.
North Korea hacks two South Korean chip firms to steal engineering data.