North Korean hackers have launched a global cyber espionage campaign to steal classified military secrets, aiming to support Pyongyang’s prohibited nuclear weapons program, according to a joint advisory by the United States, Britain, and South Korea.
The hackers, identified as Anadriel or APT45 by cybersecurity experts, have targeted and breached the computer systems of various defense and engineering firms. These firms include manufacturers of tanks, submarines, naval vessels, fighter aircraft, missile systems, and radar systems, as stated in the advisory on Thursday.
“The authoring agencies believe the group and its cyber techniques remain an ongoing threat to various industry sectors worldwide, including but not limited to entities in their respective countries, as well as in Japan and India,” the advisory noted.
The advisory was co-authored by the US Federal Bureau of Investigation (FBI), the US National Security Agency (NSA), Britain’s National Cyber Security Centre (NCSC), and South Korea’s National Intelligence Service (NIS).
“The global cyber espionage operation we have exposed today demonstrates the extent to which DPRK state-sponsored actors are willing to go to advance their military and nuclear programs,” said Paul Chichester from the NCSC, part of Britain’s GCHQ spy agency.
Internationally isolated North Korea, officially the Democratic People’s Republic of Korea (DPRK), has a long history of using covert hacking teams to steal sensitive military information.
In August last year, Reuters exclusively reported that an elite group of North Korean hackers had successfully breached the systems of NPO Mashinostroyeniya, a rocket design bureau in Reutov, near Moscow.
As with that hack, APT45—part of North Korea’s Reconnaissance General Bureau intelligence agency—employed common phishing techniques and computer exploits to trick officials at targeted firms into granting access to their internal computer systems, the advisory explained.
