International acting hackers from North Korea exposed
Worldwide, a North Korean hacking group is attempting to steal data from companies. The goal of the cybercriminals is to strengthen the "military and nuclear ambitions of the regime", according to investigative authorities. A US court is now filing charges against a participant.
A hacking group sponsored by North Korea has, according to international security agencies, spied on state and private organizations in several countries to steal information about military and atomic installations. "The United Kingdom and international partners have discovered a global cyber espionage campaign being carried out by attackers sponsored by the Democratic People's Republic of Korea (North Korea), aimed at advancing the military and nuclear ambitions of the regime," the British National Cyber Security Centre (NCSC) stated. The hacking group had the goal of "advancing the military and nuclear ambitions of the regime."
The group known as Andariel primarily targeted defense, aviation and space, nuclear, and machinery manufacturing companies, as well as organizations in the medical and energy sectors, according to a joint report released by the FBI.
Affected were primarily institutions in the UK, the US, South Korea, Japan, and India. Andariel attempted to obtain information such as contract details, design drawings, and project details. Andariel also launched ransomware attacks against US healthcare organizations to extort payments. Andariel remains "a persistent threat for a range of industries worldwide," according to the FBI.
US Court Files Charges
The US Department of Justice announced that the hacking group had financed further cyber attacks on defense and technology organizations worldwide, including US government agencies, with ransomware payments. A grand jury in Kansas City had already indicted a North Korean national on Wednesday.
He was involved in a conspiracy to hack and extort US hospitals and other healthcare providers. Then he laundered the ransoms and used the proceeds to fund further hacking attacks against defense, technology, and government institutions worldwide.
Authorities urged companies and governments to better protect sensitive data. Security vulnerabilities needed to be addressed. Already in February, the German Federal Office for the Protection of the Constitution warned research institutions and companies in the arms industry of sophisticated cyber attacks by two North Korean hacking groups. The goal of the spying attacks was "the theft of advanced weapons technology," according to a security advisory issued by the Federal Office for the Protection of the Constitution and the South Korean National Intelligence Service.
The hacking group's activities are not limited to the United States, as they have also targeted organizations in the United Kingdom and other countries, aiming to gain information about military and atomic installations. The United States of America has taken steps to combat this issue, with the FBI releasing a joint report identifying Andariel as a significant threat to various industries globally. In response, a US court has filed charges against a North Korean national accused of financing cyber attacks and extorting ransoms from healthcare organizations.
