ADVERTISEMENT
North Korean hacking group attacks Israeli defence industry
International New York Times
Last Updated IST
Representative image. Credit: iStock
Representative image. Credit: iStock

Israel claimed Wednesday that it had thwarted a cyberattack by a North Korea-linked hacking group on its classified defence industry.

The Defense Ministry said the attack was deflected “in real time” and that there was no “harm or disruption” to its computer systems.

However, security researchers at ClearSky, the international cybersecurity firm that first exposed the attack, said the North Korean hackers penetrated the computer systems and were likely to have stolen a large amount of classified data. Israeli officials fear the data could be shared with North Korea’s ally, Iran.

ADVERTISEMENT

The episode adds Israel to the list of countries and companies that have been targeted by North Korea’s hacking unit, known to private security analysts as the Lazarus Group. American and Israeli officials have said the Lazarus Group, also known as Hidden Cobra, is backed by Pyongyang.

US federal prosecutors unmasked North Korean members of the Lazarus Group in a 2018 criminal complaint, which said the group was working on behalf of Lab 110, a North Korean military intelligence unit.

The complaint accused the group of playing a role in North Korea’s devastating 2017 ransomware attack, known as “WannaCry,” which paralyzed 300,000 computers across 150 countries; the 2016 cyber-theft of $81 million from Bangladesh Bank; and the crippling 2014 cyberattack at Sony Pictures Entertainment that resulted in the leak of executive emails and destroyed more than two-thirds of the studio’s computer servers.Though the group’s track record is mixed, North Korea’s growing army of more than 6,000 hackers has grown only more sophisticated and emboldened with time, according to American and British officials tracking the group.

In a report last April, officials at the departments of State, Homeland Security and Treasury and the FBI accused North Korea of increasingly using digital means to evade sanctions and generate income for its nuclear weapons program. The report also accused North Korea of shopping out its hackers to other cybercriminals and countries in what is known as “hacking for hire.”

The North Korean attack on Israeli’s defense industry began with a LinkedIn message in June, ClearSky researchers said. North Korean hackers posing as a Boeing headhunter sent a message to a senior engineer at an Israeli government-owned company that manufactures weapons for the Israeli military and intelligence.

ADVERTISEMENT
(Published 13 August 2020, 08:50 IST)