WASHINGTON, USA: North Korean hackers have launched a global cyber espionage campaign aimed at stealing classified military secrets to support Pyongyang’s nuclear weapons program, according to a joint advisory issued on Thursday by the United States, Britain, and South Korea.
The hackers, known as Andariel or APT45, are believed to be part of North Korea’s intelligence agency, the Reconnaissance General Bureau, which has been sanctioned by the US since 2015.
The cyber unit has targeted or breached computer systems at a variety of defence and engineering firms. These include manufacturers of tanks, submarines, naval vessels, fighter aircraft, and missile and radar systems. High-profile victims in the US include the National Aeronautics and Space Administration (NASA), Randolph Air Force Base in Texas, and Robins Air Force Base in Georgia, according to officials from the FBI and US Justice Department.
In a notable incident in February 2022, the hackers infiltrated NASA’s computer systems using a malware script, maintaining unauthorized access for three months and extracting over 17 gigabytes of unclassified data. The advisory emphasized that the group and their cyber techniques remain an ongoing threat to various industry sectors worldwide, affecting entities in the US, Britain, South Korea, Japan, and India.
Internationally isolated North Korea, officially known as the Democratic People’s Republic of Korea (DPRK), has a history of employing covert hacking teams to steal sensitive military information. The hackers have also targeted US hospitals and healthcare organizations with ransomware in an effort to raise money for their operations.
On Thursday, the US Justice Department announced charges against one suspect, Rim Jong Hyok, for conspiring to access computer networks in the United States and for money laundering. This highlights the ongoing efforts by international authorities to curb North Korea’s cyber espionage activities.