North Korean hackers are stealing military secrets, US and allies say

It was co-authored by the US Federal Bureau of Investigation (FBI), the US National Security Agency (NSA) and cyber agencies, Britain’s National Cyber Security Centre (NCSC) and South Korea’s National Intelligence Service (NIS).

“The global cyber espionage operation that we have exposed today shows the lengths that DPRK state-sponsored actors are willing to go to pursue their military and nuclear programmes,” said Paul Chichester at the NCSC, a part of Britain’s GCHQ spy agency.

The FBI also issued an arrest warrant for one of the alleged North Korean hackers, and offered a reward of up to US$10 million for information that would lead to his arrest. He was charged with hacking and money laundering, according to a poster uploaded to the FBI’s Most Wanted website on Thursday.

Internationally isolated North Korea, or the Democratic People’s Republic of Korea (DPRK), has a long history of using covert hacking teams to steal sensitive military information.

In August last year, Reuters exclusively reported that one elite group of North Korean hackers had successfully breached systems at NPO Mashinostroyeniya, a rocket design bureau based in Reutov, a small town on the outskirts of Moscow.

As was the case with that hack, APT45 – a part of North Korea’s Reconnaissance General Bureau intelligence agency – used common phishing techniques and computer exploits to trick officials at the firms they were targeting into giving away access to their internal computer systems, Thursday’s advisory said.