Threat Intelligence

US-South Korea military exercise subjected to suspected Kimsuky-linked attack

Joint military exercises between the U.S. and South Korea commencing this week were reportedly subjected to an attempted cyberattack by threat actors associated with North Korean state-sponsored hacking operation Kimsuky, according to SecurityWeek. Malicious email attacks have been continuously deployed by the attackers against South Korean contractors that are part of the yearly Ulchi Freedom Shield Drills meant to better combat North Korean threats, said South Korea's Gyeonggi Nambu Provincial Police Agency in a statement. No military-related data was stolen in the attack, which the police has confirmed to be conducted by a North Korean threat operation. Meanwhile, further investigation by the U.S. military and South Korean police revealed that the latest attack involved the use of an IP address previously used in a cyberattack against South Korea's nuclear reactor operator in 2014, which has been attributed to Kimsuky. Organizations in the U.S., South Korea, and Japan have been the primary targets of the Kimsuky group since its emergence in 2012.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.