Hacking groups affiliated with North Korea have successfully infiltrated the systems of at least two South Korean manufacturers specializing in chipmaking equipment. This incursion is part of North Korea’s strategy to bypass sanctions and bolster its semiconductor production for military programs. The nation’s intelligence agency issued a cautionary alert to the local chip industry, urging heightened vigilance against the recent wave of cyberattacks employing a technique known as “living off the land” (LotL). In this method, hackers conceal their malware within a system using legitimate tools, making it challenging for victims to detect and defend against these covert threats.
Hacking semiconductor companies highlights critical cybersecurity vulnerabilities and escalating tensions in global cyber skirmishes. Semiconductor firms are essential to the tech industry, making the chips that power everything from smartphones to cars. When hackers attack them, they don’t just steal secrets; they disrupt production and sour the trust in the global tech ecosystem.
As these breaches show, North Korea’s hackers are becoming more daring, innovative, and sophisticated. They can breach sophisticated security defenses and large-scale attacks against financial institutions, media outlets, government agencies, and businesses. They also increasingly rely on tactics, including spear phishing, ransomware, and digitally mined cryptocurrency.
Cyberattacks on South Korean chipmakers are the latest in a series of cyber assaults on the country’s economy and society by the reclusive regime. The nation’s banks, hospitals, and other vital industries have also been subjected to extensive cyberattacks, while its citizens have faced a torrent of fake news and propaganda.
The attacks on the semiconductor industry come as South’s President Yoon Suk Yeol warns North Korea could stage provocations, such as cyber-attacks or spreading fake news, to interfere in April’s parliamentary elections. He called on the government, military, and private sector to enhance cooperation and prepare for such incidents. Yoon’s office also said hackers breached the personal emails of his staff member ahead of a trip to Europe last month. The office said the attack only affected personal emails and did not compromise the presidential secretariat.
The staff member had violated office rules by using commercial email services for some work. Yoon will meet with British Prime Minister Theresa May and visit France next week. The visit comes amid escalating political tension between the U.S., Russia, and China, as well as tension between Pyongyang and Seoul over the North’s nuclear ambitions. The North’s latest nuclear test in February sparked international condemnation, prompting Pyongyang to announce plans for a summit with Seoul this year. The North is believed to be seeking economic and diplomatic concessions for the meeting. The last inter-Korean summit was held in September 2012.