Did N. Korea Hack S. Korea’s Key Defense Contractor?

South Korean officials announced an investigation into a security incident at Hanjin Heavy Industries & Construction Co., one of the key contractors involved with building out the nation's naval fleet. North Korea is their top suspect, despite a lack of evidence.

According to local media reports, first published by Yonhap, South Korea's Defense Security Command released a statement that they've opened an investigation into the April 20 hacking at Hanjin.

"After identifying signs that Hanjin Heavy Industries may have been hacked on April 20, the Defense Security Command is currently leading a security investigation into whether any military secrets were leaked and whether North Korea was involved," official sources told the news service.

Hanjin is responsible for the development of some of the largest frigates and amphibious assault vessels used by South Korea's Navy, including the ROKS Dokdo. At this stage of the investigation, officials said there isn't any concrete evidence proving DPRK was behind the attack, but they're not going to rule out the possibility. "North Korea could have been involved, but we are not absolutely sure at this stage," the official said.

The naming of North Korea as a suspect in a recent DIB hacking incident has peculiar timing. For the last week, Salted Hash has had sources close to active IR investigations discussing artifacts and IOCs that suggest Lazarus Group has been active recently.

Lazarus Group is the name given to a group of actors, which many believe to be responsible for a number of attacks over the years, including the hack at Sony Pictures and attacks against other DIB contractors in South Korea. The group is believed to have strong ties to DPRK, but others believe they're officially sanctioned by the rogue nation directly. There is nothing solid to suggest the IR investigations and the Hanjin attack are related, but the timing is certainly odd.

DPRK officials have said this latest investigation is nothing more than a political play, calling the reported attacks at Hanjin fabricated.

CSO

« Hillary Clinton’s Email Problems Just Get Worse
NATO & Pentagon Want Bitcoin Technology »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Interpol

Interpol

Interpol is the world’s largest international police organization. It is committed to the global fight against cybercrime, as well as tackling cyber-enabled crimes.

CYBER 1

CYBER 1

CYBER 1 provides cyber security solutions to customers wanting to be resilient against new and existing threats.

Cybernetica

Cybernetica

Cybernetica is an ICT company with activities in e-government, marine comms, data analysis and research in information security technologies.

Skkynet Cloud Systems

Skkynet Cloud Systems

Skkynet is a leader in real-time data systems for the secure management and control of industrial processes (SCADA) and embedded devices (M2M).

Coursera

Coursera

Coursera provides universal access to the world’s best education, partnering with top universities and organizations to offer courses online. Subject areas include Computer Security & Networks.

Epati Information Technologies

Epati Information Technologies

ePati Information Technologies is a specialist in information technology and cyber security.

Zerodium

Zerodium

Zerodium is the leading exploit acquisition platform for premium zero-days and advanced cybersecurity research.

BotRx

BotRx

BotRx is the only AI-enabled, automated fraud protection technology that allows fast & easy deployment - continually keeping invisible bad bots and agents at bay, so you can rest easy.

Berkeley Varitronic Systems (BVS)

Berkeley Varitronic Systems (BVS)

Berkeley Varitronics Systems is an engineering think tank delivering custom wireless RF engineering products and solutions including cyber security.

CertiPath

CertiPath

CertiPath create products and services that ensure the highest levels of validation for digital identities that attempt to access customers’ networks.

Lupovis

Lupovis

Lupovis is an AI-based deception solution that deploys active decoys turning your network from a flock of sheep to a pack of wolves where the hunter becomes the hunted.

Training.com.au

Training.com.au

Training.com.au is a comparison website through which those looking to learn about different aspects of cyber security can compare learning courses from training providers from across Australia.

Mayer Brown

Mayer Brown

Mayer Brown is a global law firm. We have deep experience in high-stakes litigation and complex transactions across industry sectors including the global financial services industry.

CyFlare

CyFlare

CyFlare’s security platform integrates your tools with ours – delivering true positives, automated remediation, and interactive analytics built for security management teams.

Benchmark Executive Search

Benchmark Executive Search

Benchmark specializes in finding elite talent for startup, emerging-growth and mid-cap companies offering game-changing technologies or innovative services to the federal and commercial markets.

Internet Watch Foundation (IWF)

Internet Watch Foundation (IWF)

Since the early days of the internet, our job has been to help child victims of sexual abuse by hunting down and removing any online record of the abuse.