March 4, 2024 at 03:07PM
North Korean government spies have conducted digital intrusions into chipmakers, stealing product designs to promote their domestic semiconductor industry. The South Korean National Intelligence Service (NIS) warned of ongoing cyber espionage, suspecting North Korea’s preparation for semiconductor production due to procurement difficulties. The NIS has notified victim companies and is raising awareness among South Korean semiconductor firms.
From the meeting notes, it is clear that the South Korean National Intelligence Service has issued a warning about North Korean government spies targeting semiconductor equipment makers’ IT systems. They have been utilizing cyber intrusions in an attempt to steal product designs and photos from at least two chipmakers, with a focus on spurring Kim Jong Un’s plans for a domestic semiconductor industry. This activity has been ongoing, utilizing stealthy techniques to remain undetected.
The NIS did not specifically name the North Korean-backed criminal gang responsible for these intrusions. In response to the attacks, the NIS has collaborated with victim companies to enhance their network security and has shared incident details with other South Korean semiconductor companies to raise awareness about potential cyber threats.
Furthermore, the South Korean government has expressed concerns that North Korea might be preparing to produce its own semiconductors due to challenges in procuring these components because of sanctions and increased demand driven by the development of weapons. This warning comes shortly after a joint warning from the NIS and the German Federal Office for the Protection of the Constitution regarding North Korean state-sponsored spies’ attempts to steal defense technologies globally.
Lazarus Group’s social engineering attacks have been highlighted, particularly in “Operation Dream Job” scams, involving fake job offers to trick job seekers into clicking on malicious links or opening malware-laden attachments. These tactics have targeted defense, government, engineering, and chemical sector companies. It is evident that there is a significant threat from North Korean cybercriminals and state-sponsored espionage, highlighting the need for increased vigilance and cybersecurity measures in the semiconductor and defense sectors.