Kimsuky Hackers Strike Again: Suspected North Korean Group Targets Joint Military Exercise, Raises Concerns on Intelligence Gathering
Suspected North Korean hackers target joint South Korea-US military drills, attempting to breach war simulation center. No classified information compromised, but previous hack link found. North Korea condemns drills.
Suspected North Korean hackers targeted the annual Ulchi Freedom Shield drills, a joint military exercise between South Korea and the United States, set to begin on Monday. The attack, conducted by a group known as Kimsuky, attempted to breach the South Korea-US combined exercise war simulation center by sending malicious emails to South Korean contractors.
While the hacking attempt was successful, no classified military information was compromised, according to the Gyeonggi Nambu Provincial Police Agency. The IP address used in the attack matched one linked to a 2014 hack against South Korea's nuclear reactor operator, which was also attributed to North Korea.
Kimsuky, believed to be active since 2012, is known for its spear-phishing tactics and is likely tasked by the North Korean regime with intelligence gathering missions. North Korea has repeatedly condemned the joint military drills, viewing them as preparation for an invasion.