Did N. Korea Hack S. Korea’s Key Defense Contractor?

South Korean officials announced an investigation into a security incident at Hanjin Heavy Industries & Construction Co., one of the key contractors involved with building out the nation's naval fleet. North Korea is their top suspect, despite a lack of evidence.

According to local media reports, first published by Yonhap, South Korea's Defense Security Command released a statement that they've opened an investigation into the April 20 hacking at Hanjin.

"After identifying signs that Hanjin Heavy Industries may have been hacked on April 20, the Defense Security Command is currently leading a security investigation into whether any military secrets were leaked and whether North Korea was involved," official sources told the news service.

Hanjin is responsible for the development of some of the largest frigates and amphibious assault vessels used by South Korea's Navy, including the ROKS Dokdo. At this stage of the investigation, officials said there isn't any concrete evidence proving DPRK was behind the attack, but they're not going to rule out the possibility. "North Korea could have been involved, but we are not absolutely sure at this stage," the official said.

The naming of North Korea as a suspect in a recent DIB hacking incident has peculiar timing. For the last week, Salted Hash has had sources close to active IR investigations discussing artifacts and IOCs that suggest Lazarus Group has been active recently.

Lazarus Group is the name given to a group of actors, which many believe to be responsible for a number of attacks over the years, including the hack at Sony Pictures and attacks against other DIB contractors in South Korea. The group is believed to have strong ties to DPRK, but others believe they're officially sanctioned by the rogue nation directly. There is nothing solid to suggest the IR investigations and the Hanjin attack are related, but the timing is certainly odd.

DPRK officials have said this latest investigation is nothing more than a political play, calling the reported attacks at Hanjin fabricated.

CSO

« Hillary Clinton’s Email Problems Just Get Worse
NATO & Pentagon Want Bitcoin Technology »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Cyber Secure Forum

Cyber Secure Forum

The Cyber Secure Forum is a premier cybersecurity event dedicated to bringing together experts, and professionals to explore the latest trends, share knowledge, and discuss strategies.

Resilient Information Systems Security (RISS)

Resilient Information Systems Security (RISS)

RISS is a research group is in the Department of Computing at Imperial College London.

Cross Identity

Cross Identity

Cross Identity (formerly Ilantus Technologies) is a complete IAM solution that is deep, comprehensive, and can be implemented even by non-IT persons.

Disklabs

Disklabs

Disklabs are industry leaders in data recovery, digital forensics and data erasure.

StackRox

StackRox

StackRox delivers a container-native security platform that adapts detection and response to new threats.

NSIDE Attack Logic

NSIDE Attack Logic

NSIDE Attack Logic simulates real-world cyber attacks to detect vulnerabilities in corporate networks and systems.

Wise-Mon

Wise-Mon

Wise-Mon is expert in its field of network monitoring and control. We give solutions to huge organizations with tens of thousands of ports, as well as small companies with one switch.

Wipe-Global

Wipe-Global

Wipe-Global is specialized in data erasure with an international established service partner network.

Sigma IT

Sigma IT

SIGMA IT is one of the largest IT services organizations in EMEA region providing a full range of solutions and services including cybersecurity, data protection and business continuity.

Pentesec

Pentesec

Pentesec is a security specialist offering professional services, managed security services and expertise within an extensive range of security technologies.

Resolvo Systems

Resolvo Systems

Resolvo is provides comprehensive security assessment and testing services in Asia.

White Knight Labs

White Knight Labs

White Knight Labs is a cyber security consultancy that specializes in cybersecurity training.

SECTA5

SECTA5

SECTA5 is a cybersecurity company building a next-generation Continuous Threat and Exposure Management platform, leveraging the expertise of offensively trained cyber defenders.

Integrated Cyber Solutions (ICS)

Integrated Cyber Solutions (ICS)

Integrated Cyber Solutions is a managed security service provider that humanizes cybersecurity managed services to the Small-to-Medium Business (SMB) and Small-to-Medium Enterprise (SME) sectors.

DefectDojo

DefectDojo

DefectDojo is a DevSecOps and vulnerability management tool.

Koop

Koop

Koop’s trust management platform helps navigate the complexities of regulatory compliance, security reviews, and liability insurance in a single place.