Arabic Arabic Chinese (Simplified) Chinese (Simplified) Dutch Dutch English English French French German German Italian Italian Portuguese Portuguese Russian Russian Spanish Spanish
| (844) 627-8267

DPRK Hackers Breach South Korean Chipmakers, Steal Designs | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker | #hacking | #aihp

Cyberwarfare / Nation-State Attacks
Fraud Management & Cybercrime
Geo Focus: Asia

Investigators Say North Korean Groups Are Seeking Advanced Chips for Military Use

Image: Shutterstock

South Korean intelligence has alluded to North Korean cyber actors conducting a series of attacks targeting the country’s leading semiconductor manufacturing companies. Suspected nation-state actors accessed sensitive product designs and photos of production facilities – information that could help the regime modernize its chip-making capabilities for military applications.

See Also: User Entity & Behavior Analytics 101: Strategies to Detect Unusual Security Behaviors

The hackers used “living off the land” techniques in the second half of 2023 to get inside configuration management and security policy servers of two semiconductor manufacturers, the National Intelligence Service said. They remained undetected from December to February and stole data from multiple servers.

NIS said the intelligence-gathering hack likely stemmed from North Korea’s inability to buy advanced semiconductors due to Western sanctions. North Korea needs modern semiconductors to develop next-generation weapons systems and satellites.

North Korean leader Kim Jong Un recently escalated verbal threat against his country’s southern neighbor, threatening to use nuclear weapons if provoked. In January, he declared South Korea his country’s “primary foe and invariable principal enemy” and soon afterward, the military fired long-range ballistic missiles into the sea to demonstrate its capability.

To circumvent economic sanctions, North Korea has relied on state-funded espionage efforts in recent years to obtain access to critical technologies. According to South Korea’s NIS, North Korea was responsible for 80% of cyberattacks that targeted public sector organizations in 2023.

In December, Seoul accused the regime of stealing sensitive data from South Korean defense companies, including information on advanced anti-aircraft weapons. The NIS also accused the Kim Jon Un regime of conducting “intensive hacking attacks” on South Korean shipbuilders to steal critical technologies necessary to build large warships (see: North Korean Hackers Target South Korean Naval Shipyards).

According to Microsoft, North Korean hacking groups have directed cyberespionage efforts on defense companies in Brazil, the Czech Republic, Finland, Italy, Norway and Poland since January 2023. They also targeted and compromised defense firms in Germany and Israel between November 2022 and January 2023.

Challenges for South Korean Chipmakers

Successful cyberespionage attacks, such as the ones in December and February, could erode South Korea’s leadership in semiconductor manufacturing and exports at a time when the country’s chip manufacturers are refocusing investments to comply with U.S.-led limits on chips sent to China.

South Korean chipmakers enjoy a 17.7% share of the global semiconductor market and dominate the DRAM and NAND markets with a 70% and 52% market share, respectively. In 2022, the country exported semiconductors worth $129.2 billion, which accounted for one-fifth of its overall exports.

Leading chipmakers Samsung and SK Hynix Inc. are investing in developing high-bandwidth memory chips that can power generative AI applications, but they fear getting caught in the crossfire of an emerging chip war between the U.S. and China.

China is South Korea’s top market for semiconductor exports, and domestic firms exported $50.3 billion worth of integrated circuits to the country in 2022. But with the U.S. CHIPS Act discouraging chipmakers from sharing high-end semiconductor technology with China, the Asian giant has pivoted toward self-sufficiency, investing close to $40 billion in 2023 to purchase chip manufacturing machinery.

China’s growing ability to manufacture advanced chips, aided to an extent by cyberespionage operations against global giants, threatens to erode South Korean chipmakers’ competitiveness in the future. An EclecticIQ study in October revealed how a Chinese espionage group targeted the Chinese-speaking semiconductor industry in Taiwan, Hong Kong and Singapore with a Taiwan Semiconductor Manufacturing Company Limited-themed lure.

North Korea’s ability to conduct silent cyberespionage operations against South Korean chipmakers could also enhance the regime’s capacity to develop advanced chips for military applications. A study conducted by the Korea Economic Institute of America says that the regime invests heavily in advanced technologies, but malicious use of the technology could directly threaten its neighbors in the Far East.

“As far as advanced weapons are concerned, North Korea is developing intercontinental ballistic missiles, submarine-launched ballistic missiles, Iskandar missiles, and hypersonic missiles. The public’s concern centers on North Korea’s advanced military technology because they have repeatedly conducted nuclear and ICBM tests, ignoring the norms of the international community,” researchers said.

South Korea’s NIS also warned on Monday that “North Korea may have begun preparing to produce its own semiconductors due to difficulties in procuring semiconductors due to sanctions against North Korea and increased demand due to the development of weapons such as satellites and missiles.”

The U.S. Defense Intelligence Agency warned in 2021 that Kim Jong Un intends to bolster the military’s conventional warfighting capabilities, develop ICBMs and SRBMs to deter foreign forces from initiating a war, and use cyberattacks as a tool to achieve its interests.

“Pyongyang will focus hacking efforts on targets that offer opportunities to steal useful information and deny or disrupt our use of computer networks,” DIA said. “Cyber-enabled theft and currency-generating activities also will continue, and the North’s hacking techniques may become more sophisticated.”

Click Here For The Original Source.