Home > National > North Korea

NIS warns against increasingly sophisticated hacking attacks from North Korea

Published: 04 Mar. 2025, 16:26

KIM MIN-YOUNG
[email protected]

North Korean leader Kim Jong-un speaks at a meeting of the Supreme People's Assembly, which took place from Dec. 23 to Dec. 27, in this photo captured from the Korean Central Television. [CAPTURE]

South Korea’s top spy agency said Tuesday that North Korea’s Reconnaissance General Bureau is using increasingly sophisticated hacking techniques to steal classified information and key technologies from government agencies and companies.

According to the National Intelligence Service (NIS), North Korean hacking groups primarily employ three attack methods to infiltrate and extract data: hacking information technology (IT) service providers to bypass security and penetrate institutions, exploiting software vulnerabilities and targeting weaknesses in security management.

In October last year, a hacking group infiltrated the email of an employee at a South Korean IT maintenance service provider that was in charge of a local government institution, stealing server access credentials.

Using this information, the group attempted unauthorized access to a remote management server of the local government’s computer network to extract administrative data.

Last month, the same group exploited security loopholes in an electronic approval and communication groupware system used by a defense contractor, installing malware to gain access to internal documents, including employee emails and network diagrams.

The hackers also attempted attacks on IT infrastructure maintenance firms, biopharmaceutical companies and mobile identity verification service providers.

To prevent such breaches, the NIS said institutions should implement security measures, such as applying software security patches, restricting administrator account access via the internet and conducting regular vulnerability assessments.

The agency also urged companies to strengthen internal security management by creating a checklist of basic security protocols for cross-checking and addressing vulnerabilities, as well as enhancing employees' security awareness through training.

“Software supply chain attacks can cause widespread damage, making it crucial for both IT providers and users to remain vigilant,” said Yoon Oh-jun, vice director of the NIS.

Yoon said that the NIS will continue efforts to enhance supply chain security, including institutionalizing a security framework by 2027.

BY CHO MOON-KYU [[email protected]]