Threat Intelligence
US-South Korea military exercise subjected to suspected Kimsuky-linked attack
Joint military exercises between the U.S. and South Korea commencing this week were reportedly subjected to an attempted cyberattack by threat actors associated with North Korean state-sponsored hacking operation Kimsuky, according to SecurityWeek.
Malicious email attacks have been continuously deployed by the attackers against South Korean contractors that are part of the yearly Ulchi Freedom Shield Drills meant to better combat North Korean threats, said South Korea's Gyeonggi Nambu Provincial Police Agency in a statement. No military-related data was stolen in the attack, which the police has confirmed to be conducted by a North Korean threat operation.
Meanwhile, further investigation by the U.S. military and South Korean police revealed that the latest attack involved the use of an IP address previously used in a cyberattack against South Korea's nuclear reactor operator in 2014, which has been attributed to Kimsuky. Organizations in the U.S., South Korea, and Japan have been the primary targets of the Kimsuky group since its emergence in 2012.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds