Connect with us

Hi, what are you looking for?

Tech

North Korea-backed group ‘in cyber campaign to steal military and nuclear secrets’

The UK, US and South Korea have accused a North Korea-backed cyber group of carrying out an online espionage campaign to steal military and nuclear secrets.

The “Andariel” group has been compromising organisations around the globe as it attempts to get hold of sensitive and classified technical information and intellectual property data, according to the UK’s National Cyber Security Centre (NCSC).

The centre, along with the FBI in the US and South Korea’s national intelligence service, have issued a joint warning and advisory note about Andariel’s actions.

They have urged critical infrastructure organisations to “stay vigilant” against the cyber operations.

North Korea is a secretive and authoritarian state, which is officially known as the Democratic People’s Republic of Korea (DPRK), and is headed by supreme leader Kim Jong Un.

NCSC director of operations Paul Chichester said: “The global cyber espionage operation that we have exposed today shows the lengths that DPRK state-sponsored actors are willing to go to pursue their military and nuclear programmes.”

Andariel is part of DPRK’s Reconnaissance General Bureau (RGB) 3rd bureau, and the group’s malicious cyber activities pose an ongoing threat to critical infrastructure organisations globally, the agency believes.

What did group target?

The group primarily targeted defence, aerospace, nuclear and engineering organisations, but also acted against the medical and energy sectors, according to the NCSC, which is part of the GCHQ intelligence agency.

Andariel has tried to obtain information such as contract specification, design drawings and project details, the NCSC claimed.

As part of its operations, Andariel also launched ransomware attacks against US healthcare organisations in order to extort payments and fund further espionage activity.

The advisory outlines how Andariel has evolved from destructive hacks against US and South Korea organisations to carrying out specialised cyber espionage and ransomware attacks.

The hackers carried out ransomware attacks and cyber espionage operations on the same day against the same victim in some cases.

‘The importance of protecting sensitive information’

Mr Chichester added: “It should remind critical infrastructure operators of the importance of protecting the sensitive information and intellectual property they hold on their systems to prevent theft and misuse.

“The NCSC, alongside our US and Korean partners, strongly encourage network defenders to follow the guidance set out in this advisory to ensure they have strong protections in place to prevent this malicious activity.”

This post appeared first on sky.com

    You May Also Like

    Stocks

    In this episode of StockCharts TV‘s The MEM Edge, Mary Ellen reviews what’s shaping up in the broader markets after the Fed announced their rate cut...

    Tech

    Consumer rights group Which? is suing Apple for £3bn over the way it deploys the iCloud. If the lawsuit succeeds, around 40 million Apple...

    Tech

    Battle lines have been drawn between the almost 200 countries meeting in Azerbaijan as they seek to agree a new pot of money to...

    Tech

    Meta has lowered the minimum age to use the popular messaging platform WhatsApp. The move, which came into effect on Thursday, reduces the age...

    Disclaimer: globalwashingtonwebinar.com, its managers, its employees, and assigns (collectively “The Company”) do not make any guarantee or warranty about what is advertised above. Information provided by this website is for research purposes only and should not be considered as personalized financial advice. The Company is not affiliated with, nor does it receive compensation from, any specific security. The Company is not registered or licensed by any governing body in any jurisdiction to give investing advice or provide investment recommendation. Any investments recommended here should be taken into consideration only after consulting with your investment advisor and after reviewing the prospectus or financial statements of the company.

    Copyright © 2024 globalwashingtonwebinar.com | All Rights Reserved