Did N. Korea Hack S. Korea’s Key Defense Contractor?

Uploaded on 2016-07-11 in GOVERNMENT-National, GOVERNMENT-Defence, FREE TO VIEW, INTELLIGENCE--International, INTELLIGENCE-Hot Spots-North Korea, NEWS-Cybersecurity News, TECHNOLOGY--Hackers

South Korean officials announced an investigation into a security incident at Hanjin Heavy Industries & Construction Co., one of the key contractors involved with building out the nation's naval fleet. North Korea is their top suspect, despite a lack of evidence.

According to local media reports, first published by Yonhap, South Korea's Defense Security Command released a statement that they've opened an investigation into the April 20 hacking at Hanjin.

"After identifying signs that Hanjin Heavy Industries may have been hacked on April 20, the Defense Security Command is currently leading a security investigation into whether any military secrets were leaked and whether North Korea was involved," official sources told the news service.

Hanjin is responsible for the development of some of the largest frigates and amphibious assault vessels used by South Korea's Navy, including the ROKS Dokdo. At this stage of the investigation, officials said there isn't any concrete evidence proving DPRK was behind the attack, but they're not going to rule out the possibility. "North Korea could have been involved, but we are not absolutely sure at this stage," the official said.

The naming of North Korea as a suspect in a recent DIB hacking incident has peculiar timing. For the last week, Salted Hash has had sources close to active IR investigations discussing artifacts and IOCs that suggest Lazarus Group has been active recently.

Lazarus Group is the name given to a group of actors, which many believe to be responsible for a number of attacks over the years, including the hack at Sony Pictures and attacks against other DIB contractors in South Korea. The group is believed to have strong ties to DPRK, but others believe they're officially sanctioned by the rogue nation directly. There is nothing solid to suggest the IR investigations and the Hanjin attack are related, but the timing is certainly odd.

DPRK officials have said this latest investigation is nothing more than a political play, calling the reported attacks at Hanjin fabricated.

CSO

« Hillary Clinton’s Email Problems Just Get Worse
NATO & Pentagon Want Bitcoin Technology »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Bromium

Bromium

Bromium deliver a new technology called micro-virtualization to address the enterprise security problem and provide protection for end users against advanced malware.

Deutsche Cyber-Sicherheitsorganisation (DCSO)

Deutsche Cyber-Sicherheitsorganisation (DCSO)

DCSO was founded in 2015 with the aim of counteracting the threats posed by globally organized cybercrime and state-controlled industrial espionage.

Futurex

Futurex

Futurex is a globally recognized provider of enterprise-class data encryption solutions.

Sikur

Sikur

Sikur have developed a communication platform that sets new boundaries for corporate privacy and security.

AppTec

AppTec

AppTec is a leading software vendor in the field of Unified Endpoint Management and Mobile Security.

Center for Applied Cybersecurity Research (CACR) - University of Indiana

Center for Applied Cybersecurity Research (CACR) - University of Indiana

CACR serves Indiana and the nation by tackling cyber risk in research and other unusual environments through agile, holistic, principle-based cybersecurity.

Swascan

Swascan

Swascan is the first all-in-one, GDPR Compliant, Cloud Security Suite Platform. GDPR Assessment, Web Application Scan, Network Scan, Code Review.

Slovenska Akreditacija (SA)

Slovenska Akreditacija (SA)

Slovenska Akreditacija (Slovenia Accreditation) is the national standards accreditation body for Slovenia.

Ukrainian Academy of Cyber Security (UACS)

Ukrainian Academy of Cyber Security (UACS)

UACS is a professional non-profit public organization established to promote the development of an extensive network and ecosystem of education and training in the field of cyber security.

Loki Labs

Loki Labs

Loki Labs provides expert cyber security solutions and services, including vulnerability assessments & penetration testing, emergency incident response, and managed security.

Intaso

Intaso

Intaso are a boutique head hunting and talent solution firm with specialist Cyber and Information Security expertise.

Corsearch

Corsearch

Combining AI-powered technology and decades of industry expertise, Corsearch is revolutionizing how companies establish and protect their brands.

Levio

Levio

Levio is a digital native business and technology consulting firm. As a true partner from start to finish, our goal is a long-lasting transformation that’s right for your business model.

GitLab

GitLab

GitLab is a complete DevOps platform, delivered as a single application, fundamentally changing the way Development, Security, and Ops teams collaborate and build software.

Ipseity Security

Ipseity Security

Ipseity Security provide security-centric advisory and consulting services for organizations to secure their perimeter-less digital transformation to meet business and security requirements.

ENKI WhiteHat

ENKI WhiteHat

ENKI WhiteHat is an offensive security specialist, preemptively addressing cyber threats from a hacker’s perspective.