Cybersecurity News that Matters

Cybersecurity News that Matters

Google discloses North Korean cyberespionage closely linked to missile tests

by Kuksung Nam

Apr. 04, 2023
7:52 PM GMT+9

The hacking group Kimsuky, which works for the North Korean government, is expected to increase their cyberespionage campaigns as the country continues to conduct their ballistic missile program, according to a cyber threat expert on Tuesday.

“As we see more and more missile tests from North Korea, we will see more and more activities from the advanced persistent threat (APT) 43,” said Luke McNamara, a principal analyst at Google and previously at Mandiant before its acquisition by Google, in a media briefing held in Seoul. APT43 is a name given to the North Korean state-sponsored hacking group by the threat intelligence company that has been tracking the hacking group’s activities since 2018.

In the words of the expert, the hacking group has been conducting cyberespionage campaigns against policymakers and researchers to gather information on nuclear policy, sending compromised emails several hours after they launched basilic missiles. These activities have been crucial to the North Korean government, as they have scarce resources regarding foreign intelligence agents.

McNamara said that they have discovered two different types of spear-phishing attacks from North Korean hackers. A traditional spear-phishing attack is a practice where hackers send malicious emails to coax their targets into giving up their personal information or other sensitive information. The expert explained that the North Korean state-sponsored hackers simply asked someone who was working on the policy matters for strategic analysis on nuclear policy without embedding any malicious code in the emails.

“This is a fairly unique tactic,” said the expert. “We don’t really see this activity from Russian, Chinese, or Iranian threat actors. They are usually using malware or credential collection.” McNamara explained that one of the reasons the North Korean hackers are using this sort of attack method is that it could help avoid detection since it is more probable that a recipient would be suspicious of an email that has uncertain files attached rather than an email with a questionnaire.


Subscribe to our newsletter for the latest insights and trends. Tailor your subscription to fit your interests:

By subscribing, you agree to our Privacy Policy. We respect your privacy and are committed to protecting your personal data. Your email address will only be used to send you the information you have requested, and you can unsubscribe at any time through the link provided in our emails.

  • Kuksung Nam
    : Author

    Kuksung Nam is a journalist for The Readable. She has extensively traversed the globe to cover the latest stories on the cyber threat landscape and has been producing in-depth stories on security and...

    View all posts
Stay Ahead with The Readable's Cybersecurity Insights