By Dain Oh, The Readable
Mar. 4, 2024 8:54PM GMT+9
South Korea’s semiconductor industry has become a significant target for North Korean hackers, with two companies recently falling victim to their attacks.
It is believed that the hackers, who managed to steal computer chip blueprints and photographs of facilities, are seeking to secure knowledge that would enable North Korea to develop its own chips. This initiative aims to circumvent international sanctions imposed on the Pyongyang regime, designed to prevent the North from acquiring the essential technology needed for chip manufacturing, according to a statement from a spy agency.
The National Intelligence Service (NIS) issued a warning on Monday, revealing that it had detected intensive hacking attempts targeting South Korean chip manufacturers. These attacks—which originated in the North—commenced late last year and have continued until very recently.
The statement detailed how North Korean hackers targeted vulnerable chip-making firms with servers connected to the internet, focusing their efforts on these servers. Instead of relying primarily on malicious codes, the hackers predominantly used legitimate software already installed on the victims’ servers. This approach, known as “Living off the land (LOTL),” allows malicious actors to evade detection using security tools, a tactic well-recognized among security experts.
In December of last year, a chip company’s configuration server fell victim to hacking by North Korean threat groups, leading to the theft of its product blueprints. Additionally, in February of this year, another semiconductor manufacturer was targeted in cyberattacks that compromised its security policy servers, resulting in photographs of the facility falling into the hands of the attackers.
The NIS informed the affected companies about these attacks and assisted them in coordinating their incident response. Furthermore, the national security watchdog agency supplied major players in the semiconductor market with cyber threat intelligence to help prevent further damages.
The NIS suspects that the North Korean regime has begun taking steps toward manufacturing its own chips, as the country faces challenges in acquiring semiconductors due to international sanctions. The spy agency further noted that North Korea likely requires additional chips to advance its satellite and missile development programs, indicating this as the primary motive behind the state-sponsored hackers targeting South Korea’s chip industry.
The NIS emphasized, “It is essential to perform security updates on servers that are exposed to the internet and to implement access controls.” The agency added, “Proper account management should be maintained, and the authentication process must be regularly strengthened.”
The cover image of this article was designed by Areum Hwang. This article was copyedited by Arthur Gregory Willers.
Dain Oh is a distinguished journalist based in South Korea, recognized for her exceptional contributions to the field. As the founder and editor-in-chief of The Readable, she has demonstrated her expertise in leading media outlets to success. Prior to establishing The Readable, Dain was a journalist for The Electronic Times, a prestigious IT newspaper in Korea. During her tenure, she extensively covered the cybersecurity industry, delivering groundbreaking reports. Her work included exclusive stories, such as the revelation of incident response information sharing by the National Intelligence Service. These accomplishments led to her receiving the Journalist of the Year Award in 2021 by the Korea Institute of Information Security and Cryptology, a well-deserved accolade bestowed upon her through a unanimous decision. Dain has been invited to speak at several global conferences, including the APEC Women in STEM Principles and Actions, which was funded by the U.S. State Department. Additionally, she is an active member of the Asian American Journalists Association, further exhibiting her commitment to journalism.
