North Korean espionage groups hacked a major Russian missile developer for at least five months last year, cyber-security firm SentinelOne reported Monday.
ScarCruft and Lazarus Group, two cyber-espionage groups linked to the Democratic People’s Republic of Korea (DPRK), breached computer networks and email servers at NPO Mashinostroyeniya, a missile development organization part of Russia’s defense industrial base, according to a SentinelOne report released Monday. The two groups breached the missile developer from late 2021 to May 2022, despite North Korean leader Kim Jong Un’s public calls to strengthen ties with Russia and his promise of “full support and solidarity” to Russian President Vladimir Putin.
Reuters conducted its own technical evidence review and could not establish what data, if any, was obtained by the espionage groups during this time. In the months following the cyber attack, the DPRK announced new advancements in its ballistic missile programs, but it’s unclear whether it was related to the cyber breach, Reuters reported.
NPO Mashinostroyeniya is a U.S.-sanctioned missile developer “that possesses highly confidential intellectual property on sensitive missile technology currently in use and under development for the Russian military,” according to SentinelOne. The StarCruft and Lazarus groups worked independently to breach NPO Mashinostroyeniya, though it’s possible that the DPRK deemed the attack “important enough to assign to multiple independent threat actors,” SentinelOne reported. (RELATED: ‘Conversation’ Started With North Korea Over Fate Of US Soldier, UN Says)
“The development marks a rare convergence where two North Korea-based independent threat activity clusters have targeted the same entity, indicating a ‘highly desirable strategic espionage mission’ that could benefit its controversial missile program.”
Read the full article:…
— SentinelOne (@SentinelOne) August 7, 2023
“Based on our assessment, this incident stands as a compelling illustration of North Korea’s proactive measures to covertly advance their missile development objectives,” SentinelOne’s report reads. “The convergence of North Korean cyber threat actors represents a profoundly consequential menace warranting comprehensive global monitoring … In light of these findings, it becomes crucial to address and mitigate this threat with utmost vigilance and strategic response.”
The cyber-espionage attack is demonstrative of how the DPRK is willing to betray its own allies, according to experts who spoke to Reuters. Kim previously called for “closer strategic cooperation” with Russia and promised Putin “full support and solidarity” in June.
“I affirm my willingness to strive for closer strategic cooperation between the DPRK and Russia, hand in hand with you, in conformity with the common desire of the peoples of the two countries to fulfill the grand goal of building a powerful country and reliably defend global peace and security,” Kim had said in the June statement.
The Ministry of Foreign Affairs of the Russian Federation did not immediately respond to the Daily Caller News Foundation’s request for comment.
All content created by the Daily Caller News Foundation, an independent and nonpartisan newswire service, is available without charge to any legitimate news publisher that can provide a large audience. All republished articles must include our logo, our reporter’s byline and their DCNF affiliation. For any questions about our guidelines or partnering with us, please contact licensing@dailycallernewsfoundation.org.