Google: "North Korean hackers armed with AI, focusing attacks on South Korea's defense industry and semiconductors... government is not safe either"

"North Korean hacker groups are targeting South Korea's defense, semiconductor, and automobile industries. They are after important intellectual property and technical information, and the government cannot be safe from various threats."



Luke McNamara, deputy chief analyst at Google's Threat Intelligence Group, speaks during a media briefing for "Google Cloud Security Day" held at the Gangnam Finance Center in Seoul on the morning of the 19th. [Photo = Reporter Yoon So-jin]



Luke McNamara, deputy chief analyst at Google's Threat Intelligence Group, warned during a media briefing for "Google Cloud Security Day" held at the Gangnam Finance Center in Seoul on the 19th that North Korean hacker groups are expanding their attacks on major South Korean industries and that government agencies could also come under threat. The analysis is that attacks by state-sponsored hacking groups are becoming more covert and that attack methods using generative artificial intelligence (AI) are evolving, so companies and the government need to respond proactively.



North Korean hacker attack methods are evolving…

According to analyst McNamara, the industries that have been most attacked in Korea in the past two years are manufacturing, financial services, and media and entertainment. Among them, North Korean hacking groups such as APT45 and Lazarus are focusing their attacks on Korea's defense, semiconductor, and automobile industries.



Analyst McNamara warned, "In particular, the defense industry is currently receiving a lot of investment worldwide, making it a major target for hacking groups supported by countries such as North Korea." He added, "South Korean defense companies are also facing attacks targeting new technologies and potential buyer information."



In this process, North Korea is known to be using a new threat strategy: disguising its IT personnel as ordinary employees. North Korean IT personnel are hired by companies in other countries, and their earnings are transferred to the North Korean government or internal information is stolen.



No such cases have been detected in Korea yet. However, they are mainly found in North America and are spreading globally to Southeast Asia, Europe, and Latin America.



Analyst McNamara explained, "North Korean IT workers are reluctant to participate in video conferences or request that their laptops be delivered to a different address than the one on their resumes." He added, "They bypass background checks and open bank accounts through local brokers. After employment, they can be threatened with data leaks or even be fired."



Stealing credentials through phishing... Increased attack efficiency with generative AI



Another characteristic of North Korean hacking groups is that they are using generative AI to increase attack efficiency. Analyst McNamara explained, "Hacking groups in China, Iran, and North Korea are using generative AI to enhance the entire attack process, including reconnaissance, vulnerability research, and malware development."



What is concerning is the possibility that these attacks could expand to government agencies. Analyst McNamara said, "Governments are always a major target of various threat actors. North Korea's APT45 group targets policymakers in South Korea, Japan, and the United States and is looking for political information."



Strengthening basic security is essential to respond to these attacks. Analyst McNamara emphasized the importance of introducing strong multi-factor authentication (MFA) and regularly replacing credentials to secure cloud environments.



Credential theft is when a cyber attacker steals the login information (ID and password) of a legitimate user. In the fourth quarter of last year, 43% of the cloud breach incidents responded to by Google Cloud Mandiant were caused by credential theft through phishing.



Analyst McNamara urged companies to strengthen their security awareness, saying, "There was a case in which credentials stolen two years ago did not have MFA and were not replaced, so the attackers were able to log in again."





https://www.inews24.com/view/blogger/1824920
