Connect with us

International Circuit

North Korea targets Russian missile developer in major cyberattack

In a bid to steal technology, an elite group of North Korean hackers secretly breached computer networks at a major Russian missile developer for nearly five months in 2022, reported Reuters on Tuesday.

The cyber-espionage teams to the North Korean government targeted Mashinostroyeniya, a rocket design bureau based in Reutov, a small town on the outskirts of Moscow. The team, secretly called as ScarCruft and Lazarus, installed stealthy digital backdoors into system at NPO Mashinostroyeniya found Reuters’ James Pearson and Christopher Bing.

Till now, there has been no clarity on wether any data was taken during the intrusion or about the information that was leaked. In the months following the digital break-in Pyongyang announced several developments in its banned ballistic missile programme but it is not clear if this was related to the breach.

The incident is a proof how North Korea can target even its allies, like Russia, to acquire technologies, reported Reuters.

There was no official confirmation by NPO Mashinostroyeniya officials about the espionage. Neither there was an official response to Reuters’ query by Russian embassy in Washington, none by North Korea’s mission to the United Nations in New York.

About the Russian company that was targeted by the hackers
The company is commonly known as NPO Mash. It holds niche in developing hypersonic missiles, satellite technologies and newer generation ballistic armaments. Experts believe that these areas are of North Korea’s interest since it embarked on its mission to create an Intercontinental Ballistic Missile (ICBM) capable of striking the mainland United States.

The technical data reveals that the hackers gained the access of the documents and leaked them between 2021 and till May 2022. Afterwards, the IT engineers detected the hackers’ activity, according to the news agency.

NPO Mash grew to prominence during the Cold War as a premier satellite maker for Russia’s space programme and as a provider of cruise missiles.

Hackers read email traffic, jumped between networks and extracted data of the Russian company
After hacking, the intruders dug into the company’s IT environment, giving them the ability to read email traffic, jump between networks, and extract data, according to Tom Hegel, a security researcher with U.S. cybersecurity firm SentinelOne, who initially discovered the compromise.

“These findings provide rare insight into the clandestine cyber operations that traditionally remain concealed from public scrutiny or are simply never caught by such victims,” Hegel said.

Hegel’s team of security analysts at SentinelOne learned of the hack after discovering that an NPO Mash IT staffer accidentally leaked his company’s internal communications while attempting to investigate the North Korean attack by uploading evidence to a private portal used by cybersecurity researchers worldwide.

Experts say that the data leaked might be of crucial importance, but it would take a lot more information, effort and expertise for North Korea to build the missile based on the information.

“That’s movie stuff,” he said. “Getting plans won’t help you much in building these things, there is a lot more to it than some drawings”.

However, given NPO Mash’s position as a top Russian missile designer and producer, the company would be a valuable target, Schiller added. “There is much to learn from them,” he said. Livemint

Click to comment

You must be logged in to post a comment Login

Leave a Reply

Copyright © 2024 Communications Today

error: Content is protected !!