According to South Korean authorities, suspected North Korean hackers have made an attempt to attack a significant joint military drill between Seoul and Washington that begins on Monday.
The annual Ulchi Freedom Shield exercises between South Korea and the US will begin on Monday and last through August 31 in response to the North’s increasing threats.
Such drills are seen as invasion practice, and Pyongyang has frequently threatened to respond with “overwhelming” force.
According to a statement released on Sunday by the Gyeonggi Nambu Provincial Police Agency, the hackers, who are thought to be affiliated with a North Korean gang known as Kimsuky, launched “continuous malicious email attacks” against South Korean contractors working at the combined exercise war simulation facility for the allies.
“Police investigation confirms that North Korean hacking group was responsible for the attack,” it said in a statement, adding that military-related information was not stolen.
The IP address used in the most recent attack matched one uncovered in a 2014 breach on South Korea’s nuclear reactor operator that was attributed to the group, according to a joint investigation by the police and US military.
The Kimsuky hackers use “spearphishing” techniques, which involve sending emails with malicious attachments, to steal victims’ personal information.
The US Cybersecurity and Infrastructure Security Agency reported in 2020 that Kimsuky is “most likely tasked by the North Korean regime with a global intelligence gathering mission.”
It was stated that the group, which is thought to have been active since 2012, primarily targets people and organizations in South Korea, Japan, and the US and focuses on topics of foreign policy and national security pertaining to the Korean peninsula, nuclear policy, and sanctions.
