A cyber group supported by North Korea has been accused of carrying out an online espionage campaign to steal military and nuclear secrets from the UK, US and South Korea.
The National Cyber Security Centre (NCSC) said the Andariel group has been compromising organisations around the world to steal sensitive and classified technical information and intellectual property data.
The NCSC, part of the UK’s GCHQ intelligence agency, believes that Andariel is a part of North Korea’s reconnaissance general bureau.
It mainly targeted defence, aerospace, nuclear and engineering organisations, but also acted against the medical and energy sectors.
Andariel also launched ransomware attacks against US healthcare organisations in order to extort payments and fund further espionage activity, the NCSC said.
The group has attempted to obtain information, such as contract specification, design drawings and project details.
NCSC director of operations Paul Chichester said: “The global cyber espionage operation that we have exposed today shows the lengths that DPRK [Democratic People’s Republic of Korea)]state-sponsored actors are willing to go to pursue their military and nuclear programmes.”
In some cases, the hackers carried out both ransomware attacks and cyber espionage operations on the same day against the same victim.
US law enforcement agencies believe Andariel targeted five healthcare providers, four US-based defence contractors, two US Air Force bases and Nasa’s office of inspector general.
The US State Department offered a reward of up to $10 million (£7.76 million) for information on Rim Jong Hyok, who it said was associated with Andariel.
Follow STV News on WhatsApp
Scan the QR code on your mobile device for all the latest news from around the country