4-3-2024 (SEOUL) In a concerning development, North Korea’s hacking groups have successfully breached the security of at least two South Korean manufacturers of chip-making equipment, as revealed by South Korea’s National Intelligence Service (NIS) on March 4. The intrusion indicates North Korea’s efforts to circumvent sanctions and establish its semiconductor production for weapons programs.
The NIS disclosed that the South Korean firms had been prime targets for North Korean hackers since late 2023, emphasizing the need for enhanced cybersecurity measures. The revelation follows South Korean President Yoon Suk-yeol’s warning about potential provocations from North Korea, including cyber attacks and the spread of fake news, to disrupt the upcoming parliamentary elections in April.
According to the NIS, North Korean hackers infiltrated the servers of two companies in December and February, pilfering crucial data, including product design drawings and facility photographs. The agency suggests that these actions may indicate North Korea’s preparation to manufacture its semiconductors, driven by challenges in procuring them due to international sanctions.
Additionally, the North’s semiconductor ambitions could be fueled by increased demand for its satellite, missile, and other weapons programs. Despite consistent accusations of involvement in cybercrimes, North Korea has consistently denied any such activities, although it has been implicated in cyber attacks resulting in substantial financial gains.
The hacking technique employed by North Korea is termed “living off the land,” a method that minimizes the use of malicious codes and relies on existing, legitimate tools within the compromised servers. This approach makes it challenging to detect with conventional security software, further emphasizing the need for heightened vigilance and cybersecurity protocols.
