Posted on August 13, 2020 at 2:45 PM
Lazarus Hacking Group Attacks Israeli Defense Ministry
Israel has reported that it stopped an attack by the North Korean hacking group on the country’s defense industry. However, while Israel claims the attack was thwarted, a cybersecurity firm said it was successful. Some officials fear that the North Korean hacking group is likely to share the stolen critical information with Iran.
The Israeli defense ministry revealed that the attack was deflected “in real-time” and there was no disruption or harm to its computer systems.
But ClearSky security researchers, who initially uncovered the attack, have a different view. They said the North Korean hackers were able to infiltrate the Israeli military database and may have stolen some sensitive data in the process.
Some Israeli officials and American security agencies believed that the hacking group has strong support from Pyongyang.
North Korean hackers linked with various hacking incidents
This attack on Israel is the latest addition to a huge list of victims (both companies and countries) targeted by the North Korean hackers, who are known to cybersecurity firms as the Lazarus Group.
In 2018, U.S. federal prosecutors uncovered the North Korean members of the Lazarus Group. The report revealed that the group has a close partnership with North Korean military intelligence known as Lab 110.
In the complaint, U.S. agencies accused the group of having a major hand in the “WannaCry” ransomware attack three years ago. The attack compromised over 300,000 computers in 150 countries. The group has also been fingered in various other cyberattacks in the past, most notably the 2014 attack on Sony Pictures, which crippled two-thirds of the studio’s computer servers.
The cyber theft of $81 million from Bangladesh Bank is another incident the North Korean hackers have been linked with. Although the hacking history of the group is mixed, the country’s army of over 6,000 hackers has grown even more emboldened and sophisticated with time.
Hackers are raising money to fund the country’s nuclear weapon program
Based on an April report by the FBI, the Treasury Department, and the Department of Homeland Security, North Korea has increasingly used digital methods to evade sanctions by international authorities. The country has also been accused of using cyber espionage to raise money for the country’s nuclear weapon program.
The country has also been accused of lending its hackers to other countries and cybercriminals in what is regarded as “hacking for hire.”
The U.S. Justice Department recently accused a North Korean citizen, Park Jin Hyok, of conspiring to commit severe cyberattacks through the Lazarus hacking group.
Cyber-war between Israel and Iran intensifies
The latest hacking activity against the Israeli military is raising concerns about the possibility of Iran getting hold of the hacked data. An Israeli official is concerned that the hackers could share the details of the hack with Israel’s arch-rival. According to the official, that is a major concern.
For several months, Israel has been involved in a highly intensified cyber conflict with Iran. Israel revealed it recently prevented a cyber attack on its water infrastructure. Israeli officials said the attack was meant to raise chlorine to dangerous levels while the coronavirus kept Israelis quarantined at home.
After the botched attack in April, Israel launched an attack on an Iranian port two weeks later in retaliation. The attack knocked the port’s servers offline and led to miles of backed-up shipping traffic.
ClearSky researchers revealed that the attack by the North Korean hacking group on Israel’s defense industry started in June after a LinkedIn message.
The hackers posed as a Boeing headhunter and sent a malicious email to one of the top engineers at a government-owned military weapons manufacturing company. The company manufactures military weapons for the Israeli military and intelligence unit.
Hackers used a bogus LinkedIn profile for the headhunter called Dana Lopp to impersonate the actual Ms. Lopp at Boeing’s human resources department. The security researchers already sent her an email, but she has not responded.
Ms. Lopp was among the headhunters from major defense and aerospace firms like BAE Systems, McDonnell Douglas, as well as Boeing, whom the North Korean hackers impersonated on LinkedIn.