World

£7.7 million bounty offered in hunt for members of North Korea-backed hacking group

The UK, US and South Korea have accused a North Korea-backed cyber group of a carrying out an online espionage campaign to steal military and nuclear secrets.

The “Andariel” group has been compromising organisations around the world as it attempts to get hold of sensitive and classified technical information and intellectual property data, according to the UK’s National Cyber Security Centre (NCSC).

The centre, which is part of the GCHQ intelligence agency, has issued a joint warning and advisory note about Andariel’s actions with organisations including the US Federal Bureau of Investigation and South Korea’s national intelligence service.

North Korea is a secretive and authoritarian state, which is known officially as the Democratic People’s Republic of Korea (DPRK), and is headed by supreme leader Kim Jong Un.

NCSC director of operations Paul Chichester said: “The global cyber espionage operation that we have exposed today shows the lengths that DPRK state-sponsored actors are willing to go to pursue their military and nuclear programmes.”

Andariel is a part of DPRK’s Reconnaissance General Bureau (RGB) 3rd bureau, and the group’s malicious cyber activities pose an ongoing threat to critical infrastructure organisations globally, the agency believes.

The group primarily targeted defence, aerospace, nuclear and engineering organisations, but also acted against the medical and energy sectors, according to the NCSC.

Andariel has attempted to obtain information such as contract specification, design drawings and project details, the agency claimed.

The advisory outlines how Andariel has evolved from destructive hacks against US and South Korea organisations to carrying out specialised cyber espionage and ransomware attacks.

The hackers carried out both ransomware attacks and cyber espionage operations on the same day against the same victim in some cases.


Follow Sky News on WhatsApp
Follow Sky News on WhatsApp

Keep up with all the latest news from the UK and around the world by following Sky News

Tap here

Mr Chichester said: “It should remind critical infrastructure operators of the importance of protecting the sensitive information and intellectual property they hold on their systems to prevent theft and misuse.

“The NCSC, alongside our US and Korean partners, strongly encourage network defenders to follow the guidance set out in this advisory to ensure they have strong protections in place to prevent this malicious activity.”

This breaking news story is being updated and more details will be published shortly.

Please refresh the page for the fullest version.

You can receive Breaking News alerts on a smartphone or tablet via the Sky News App. You can also follow @SkyNews on X or subscribe to our YouTube channel to keep up with the latest news.

Articles You May Like

Public sector pay rises help drive up government borrowing
The Eastern US’s first CFI-funded EV charging hub comes online
Several killed as Russia fires more than 200 missiles and drones at Ukraine
Human Cell Atlas Mapping 37 Trillion Human Cells for Disease Insights
Trump picks Liberty Energy CEO and Oklo board member Chris Wright as Energy secretary