North Korea hacked South Korea chip equipment makers, Seoul says

05.03.2024

North Korean hackers have successfully infiltrated the systems of South Korean chip equipment manufacturers, as reported by South Korea’s intelligence agency. The National Intelligence Service (NIS) reveals that Pyongyang’s motive is to develop semiconductors for its weapons programs, a concern raised by President Yoon Suk Yeol a month earlier, who warned of potential provocations, including cyber attacks, to disrupt upcoming elections.

The NIS suggests that North Korea may be driven to produce its own semiconductors due to challenges in procuring them amid sanctions. The agency speculates that this effort is particularly aimed at obtaining chips for weapons programs such as satellites and missiles.

According to the NIS, the cyber intrusion occurred in December and February when North Korea breached the servers of two chip equipment companies, stealing product designs and facility photographs. While the affected companies were not disclosed, the NIS urges caution and increased cybersecurity measures for other entities in the chip manufacturing industry.

Employing a technique known as “living off the land,” North Korean hackers minimized the use of malicious codes, relying on existing, legitimate tools within servers. This approach makes detection challenging for security software.

President Yoon’s office clarified that the breach of an aide’s email account was due to a violation of security regulations, denying any compromise of the official system. Despite North Korea consistently denying involvement in cybercrimes, South Korea attributes large-scale thefts, often in cryptocurrency, to fund the regime and its nuclear weapons program. Estimates suggest that North Korea has pilfered up to $3 billion since 2016.

Beyond financial motives, North Korea is believed to conduct cyber attacks to steal state secrets, particularly advanced weapons technology. Despite facing severe international sanctions, the country continues to enhance its sophistication in carrying out cyber operations.