Did N. Korea Hack S. Korea’s Key Defense Contractor?

Uploaded on 2016-07-11 in GOVERNMENT-National, GOVERNMENT-Defence, FREE TO VIEW, INTELLIGENCE--International, INTELLIGENCE-Hot Spots-North Korea, NEWS-Cybersecurity News, TECHNOLOGY--Hackers

South Korean officials announced an investigation into a security incident at Hanjin Heavy Industries & Construction Co., one of the key contractors involved with building out the nation's naval fleet. North Korea is their top suspect, despite a lack of evidence.

According to local media reports, first published by Yonhap, South Korea's Defense Security Command released a statement that they've opened an investigation into the April 20 hacking at Hanjin.

"After identifying signs that Hanjin Heavy Industries may have been hacked on April 20, the Defense Security Command is currently leading a security investigation into whether any military secrets were leaked and whether North Korea was involved," official sources told the news service.

Hanjin is responsible for the development of some of the largest frigates and amphibious assault vessels used by South Korea's Navy, including the ROKS Dokdo. At this stage of the investigation, officials said there isn't any concrete evidence proving DPRK was behind the attack, but they're not going to rule out the possibility. "North Korea could have been involved, but we are not absolutely sure at this stage," the official said.

The naming of North Korea as a suspect in a recent DIB hacking incident has peculiar timing. For the last week, Salted Hash has had sources close to active IR investigations discussing artifacts and IOCs that suggest Lazarus Group has been active recently.

Lazarus Group is the name given to a group of actors, which many believe to be responsible for a number of attacks over the years, including the hack at Sony Pictures and attacks against other DIB contractors in South Korea. The group is believed to have strong ties to DPRK, but others believe they're officially sanctioned by the rogue nation directly. There is nothing solid to suggest the IR investigations and the Hanjin attack are related, but the timing is certainly odd.

DPRK officials have said this latest investigation is nothing more than a political play, calling the reported attacks at Hanjin fabricated.

CSO

« Hillary Clinton’s Email Problems Just Get Worse
NATO & Pentagon Want Bitcoin Technology »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Infosecurity Europe

Infosecurity Europe

Infosecurity Europe is Europe’s number one information security conference and exhibition.

LexisNexis Risk Solutions

LexisNexis Risk Solutions

LexisNexis Risk Solutions provides technology solutions for Anti-Money Laundering, Fraud Mitigation, Anti-Bribery and Corruption, Identity Management, Tracing and Investigation.

CERT-UG/CC

CERT-UG/CC

CERT-UG/CC is the national Computer Emergency Response Team for Uganda, operating under the National Information Technology Authority (NITA-U)

CodeOne

CodeOne

CodeOne provides solutions for website and web app security.

World Wide Technology (WWT)

World Wide Technology (WWT)

WWT is a technology solution provider in the areas of big data, collaboration, computing and cloud, mobility, networking, security and storage.

United Security Providers

United Security Providers

United Security Providers is a leading specialist in information security, protecting IT infrastructures and applications for companies with high demands on security.

Dale Peterson

Dale Peterson

Dale Peterson, a leading ICS security and control system IT information expert, provides consulting services to assess and improve the security of SCADA and DCS.

Wayra

Wayra

Wayra connects Telefónica and technological disruptors around the world. As their preferred strategic partner, we scale them up to accelerate their business and ours.

Scarlett Cybersecurity

Scarlett Cybersecurity

Scarlett Cybersecurity provide cybersecurity services to US private and public organizations with specific emphasis on compliance and cybersecurity incident prevention, detection, and response.

EasyDMARC

EasyDMARC

EasyDMARC deliver the most comprehensive product for anyone who strives to build the most secure possible defence system for their email ecosystem.

RB42

RB42

RB42 (formerly Nexa Technologies) provide cyber defense solutions (ComUnity, secure and encrypted messaging, detection of interception tools, etc) and cyber defense consultancy service.

CypherEye

CypherEye

CypherEye is a next generation trust platform that advances the current state of Multi-factor Authentication (MFA) to enable highly secure, private and auditable cyber-transactions.

Prikus Tech

Prikus Tech

Prikus is a full-fledged Cyber Security Company helping organizations worldwide to manage cyber risks. We offer Risk & Compliance Services, Security Testing & Managed Security Services.

Hexiosec

Hexiosec

Hexiosec (formerly Red Maple Technologies) is a technical consultancy and product company founded and run by engineers from the UK Intelligence and Defence communities.

Exodata

Exodata

Exodata is a French digital services company specializing in the outsourcing of IT Systems and solutions.

The Aerospace Corporation

The Aerospace Corporation

The Aerospace Corporation is playing a key role in advancing space cybersecurity through innovative prototypes that can quickly detect and mitigate cyber threats.