March 4, 2024 at 09:47AM
The National Intelligence Service (NIS) of South Korea has warned of increased cyber espionage attacks by North Korean hackers targeting domestic semiconductor manufacturers. The attacks exploit known vulnerabilities in internet-exposed servers to steal sensitive data. South Korean chipmakers, including Samsung Electronics and SK Hynix, are crucial in the global semiconductor supply chain. NIS believes North Korea aims to develop its semiconductor program.
Based on the meeting notes, the key takeaways are:
1. North Korean hackers have been targeting South Korean semiconductor manufacturers in cyber espionage attacks, with a focus on internet-exposed servers vulnerable to known flaws.
2. The attackers have used “living off the land” tactics, which involves abusing legitimate software tools for malicious purposes to evade detection by security products.
3. Two cyberattacks occurred in December 2023 and February 2024, resulting in the compromise of product design drawings and sensitive data from two separate entities.
4. South Korea is home to leading chipmakers Samsung Electronics and SK Hynix, who play critical roles in the global semiconductor supply chain.
5. The cyberattacks appear to be aimed at collecting valuable technical information for North Korea’s own chip-making program and covering military equipment needs, possibly due to difficulties in obtaining semiconductors because of sanctions.
6. The National Intelligence Service has notified the domestic victims of the cyberattacks and provided recommendations on detecting and stopping them, emphasizing the importance of applying security updates and strict access controls on internet-exposed servers.
These takeaways highlight the seriousness of the cyber espionage attacks and the potential impact on South Korea’s semiconductor industry as well as the broader global supply chain. Measures need to be taken to strengthen security and prevent unauthorized access to sensitive data and intellectual property.