South Korean chip manufacturers have apparently been hacked by North Korea in a bid to boost their weapons manufacturing, the South Korean National Intelligence Service (NIS) has claimed.
According to NIS, the North Korean hackers managed to break into the servers of two semiconductor manufacturers and potentially stole sensitive information.
South Korea has legislative elections coming up in April 2024, and President Yoon Suk Yeol last month said that North Korea could increase the number of cyber attacks to interfere with the elections.
Sanctions hitting North Korea where it hurts
In a statement after the attack, NIS said, “We believe that North Korea might possibly be preparing to produce its own semiconductors in the face of difficulties in procuring them due to sanctions.”
Semiconductors are used in a number of complex weapons systems such as the targeting devices and computers used in inter-continental ballistic missiles, which has been a priority for North Korea for many years.
It is possible, NIS believes, that the hackers could have stolen sensitive product specifications and photographs of factory internals, however no details were released on the names of the companies targeted or if any data was successfully stolen.
Both Samsung Electronics and SK Hynix are based in South Korea, and account for a significant share of both the DRAM and NAND global markets, according to BleepingComputer.
The hackers have increasingly been utilising techniques such as ‘living-off-the-land’, whereby the threat actors use legitimate existing programs within a network to hide their malicious activities.
There is currently a global semiconductor shortage due to supply chain issues and the rapid development of AI, which requires semiconductors in the technology used to train and run large language models (LLM).
In the face of the threat of espionage and supply chain security, the US has invested billions as part of the CHIPS act to domestically produce semiconductors, lowering the possibility of China and North Korea threatening the supply.
While the hermit kingdom has been subject to strict sanctions for over 70 years, it has significantly increased the sophistication of its cyber attacks over the past two decades.
North Korean-backed hackers are estimated to have stolen close to $3 billion worth of cryptocurrency since 2016 to help keep the regime afloat, and have conducted a number of crippling cyberattacks against a Western-aligned nations.