Get all your news in one place.
100’s of premium titles.
One app.
Start reading
Evening Standard
Evening Standard
World
Nicholas Cecil

Cyber attacks from North Korea are increasing and more sophisticated, warns UK and South Korea

North Korea is launching a growing number of increasingly sophisticated cyber attacks, Britain and South Korea warned on Thursday.

The two countries issued a joint “advisory” about “techniques and tactics” used by cyber actors linked to Democratic People’s Republic of Korea who are launching software supply chain attacks

Britain’s National Cyber Security Centre and the Republic of Korea’s National Intelligence Service stressed that the attacks from the rogue state, headed by Kim Jong-un, “are growing in sophistication and volume”.

Paul Chichester, NCSC director of operations said: “In an increasingly digital and interconnected world, software supply chain attacks can have profound, far-reaching consequences for impacted organisations.

“Today, with our partners in the Republic of Korea, we have issued a warning about the growing threat from DPRK state-linked cyber actors carrying out such attacks with increasing sophistication.

“We strongly encourage organisations to follow the mitigative actions in the advisory to improve their resilience to supply chain attacks and reduce the risk of compromise.”

The UK and South Korean intelligence and security teams emphasised that cyber actors have been identified as “leveraging zero-day vulnerabilities” and exploiting third-party software to gain access to specific targets or indiscriminate organisations via their supply chains.

The NCSC and the NIS consider these supply chain attacks were in line and helped the "fulfilment of wider DPRK state priorities, including revenue generation, espionage, and the theft of advanced technologies", they added.

The advisory provides technical details about the malicious activity, case studies of recent attacks that have emanated from the DPRK and advice on how organisations can mitigate supply chain compromises.

The NCSC stressed that software supply chain cyber attacks pose a significant threat as they can affect a number of organisations through one initial compromise and can lead to onward attacks, resulting in disruption or ransomware being deployed.

They can also be harder for network defenders to detect as the actors are using legitimate software and hardware to enable the attack, it added.

South Korean President Yoon Suk Yeol and First Lady Kim Keon Hee flew to Britain this week for a State visit.

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.