(844) 627-8267
(844) 627-8267

North Korean Hackers Target US Ally | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker


One or more hacking groups linked to North Korea has breached the personal emails of more than 100 people in the South, including the accounts of senior defense officials, according to local reports.

Officials with South Korea‘s police and the Defense Ministry, which are now conducting a joint investigation, have acknowledged the cyberattack but have so far not publicized the precise number of victims.

The latest breach, first reported on Monday by South Korea’s TV Chosun, compromised the private emails of national security staff and senior military officials, including generals in the Defense Ministry and the Joint Chiefs of Staff.

The Lazarus group, and possibly other North Korea-affiliated entities, were likely behind the cyberattack, which the news channel called the largest “organized hack” of individual communications to date.

A North Korean flag flies over the propaganda village of Gijungdong in North Korea, on July 19, 2022. One or more hacking groups linked to North Korea has breached the personal emails of more than…
A North Korean flag flies over the propaganda village of Gijungdong in North Korea, on July 19, 2022. One or more hacking groups linked to North Korea has breached the personal emails of more than 100 people in the South.

KIM HONG-JI/POOL/AFP via Getty Images

North Korea has been accused of major hacks in the past, as part of long-term efforts to infiltrate and undermine the South’s intelligence and security apparatuses.

South Korean authorities say the attacks are carried out by proxy groups funded by Pyongyang. Kim Jong Un‘s regime is thought to benefit from not only the potential acquisition of sensitive data, but also successful ransomware attacks that help fund the country’s poverty-stricken economy.

Inter-Korean relations remain at a low point amid Kim’s repeated missile tests and as South Korea’s President Yoon Suk Yeol leans into his country’s decadeslong treaty alliance with the United States.

Earlier this month, Seoul raised the terror alert levels at five overseas missions, citing intelligence pointing to possible attacks on South Korean diplomats by North Korea actors.

The North Korean Embassy in Beijing did not immediately return a written request for comment. South Korea’s Defense Ministry could not be reached for comment.

In April, Seoul’s Korean National Police Agency said North Korean-sponsored hackers stole technical data from South Korean defense companies in “all-out” cyberattacks that continued for over a year.

Lazarus, Kimsuky and Andariel—all allegedly run out of Pyongyang—were blamed for the defense industry breach, which began in the fall of 2022. Hackers were said to have exploited openings in vulnerable or improperly secured networks.

South Korea’s Yonhap News Agency, quoting Defense Ministry spokesperson Jeon Ha-kyou on Tuesday, said victims of the attack had been advised to secure their personal accounts.

The affected accounts were unrelated to work emails on military servers, said Jeon, who declined to disclose details about the precise scale of the hack.