North Korean Hackers Breach South Korean Chip Companies for Intel: Spy Agency

By John Lopez

Mar 04, 2024 03:48 PM EST

North Korean hackers have successfully infiltrated two South Korean semiconductor equipment firms in a series of cyberattacks dating back to last year, according to South Korea's spy agency. Bloomberg tells us that the breaches in December and February targeted critical data, including product blueprints and manufacturing facility details.

The National Intelligence Service (NIS) of South Korea revealed that the attackers utilized a sophisticated technique known as "living off the land" (LotL), making it challenging for traditional security measures to detect their activities. This method involves exploiting legitimate software already installed on the victim's systems, evading detection by conventional security measures. 

(Photo : Photo by KAZUHIRO NOGI/AFP via Getty Images)
A man watches street TV broadcasting breaking news of a North Korean missile launch in Tokyo on April 13, 2023. - Japanese Prime Minister Fumio Kishida said on April 13 that a missile launched by North Korea "did not fall in Japanese territory", after the government issued a warning to residents of Hokkaido. (Photo by Kazuhiro NOGI / AFP)

North Korea's Moves to Evade Sanctions

The motives for these cyberattacks appear to be wide-ranging. For instance, North Korea may be attempting to evade UN sanctions by building its semiconductor capabilities for weapons programs. With sanctions making it difficult to obtain chips, the regime looks to increase indigenous semiconductor manufacture.

Furthermore, there is an increasing demand for semiconductors in North Korea's satellite, missile, and other weapons projects, encouraging the government to improve its semiconductor capabilities. The NIS has issued a warning to South Korean chipmakers, advising them to boost their cybersecurity safeguards to reduce the risk presented by such advanced cyber threats.

READ MORE: Israel Gives Intel $3.2 Billion Grant for New $25 Billion Chip Plant, Biggest Ever Foreign Investment in Country

Cyberthreats from North Korea

This latest round of cyberattacks is not an isolated incident but rather part of a larger pattern of North Korean cyber activity. In recent years, North Korea has been linked to several cyberattacks against banks, defense secrets, ransomware, and digital currencies.

In response to the ongoing threat posed by North Korean cyber activities, the United States, South Korea, and Japan have announced collaborative efforts to combat illicit hacking activities emanating from North Korea. This joint effort demonstrates how seriously the international community takes North Korea's cyber capabilities and their consequences for regional security.

Previous cyber events involving North Korea have included attacks on foreign policy experts and the theft of virtual assets. The NIS estimates that North Korean hackers stole about 1.5 trillion won ($1.2 billion) in virtual assets over the last five years, with a large percentage occurring in the last year alone.

As tensions escalate ahead of the upcoming parliamentary elections, cybersecurity remains a top priority for South Korea and its allies. 

READ NEXT: Elon Musk Gets Confronted by NATO Ally Leader on Claim About the Military Alliance, Fact-Checked by His Own Platform

© 2024 VCPOST, All rights reserved. Do not reproduce without permission.

Join the Conversation

Real Time Analytics