Israel said Wednesday that it thwarted a North Korean cyber group’s attempt to steal sensitive information from leading defense companies in the country.
Israel’s Defense Ministry identified the group as Lazarus and said it is backed by a foreign country, though it didn’t name North Korea. Lazarus was sanctioned by the U.S. last year.
Israel reported that the hacking attempts were thwarted in real-time and that no information was compromised, however, researchers at a cybersecurity firm that was first to discover the attack said the hack had been successful.
ClearSky researchers said in a report that the North Korean attack began last June when the hackers initially posed as a headhunter from the Boeing aerospace company and sent a message to a senior engineer at an unnamed Israeli government-owned company. They reportedly use fake LinkedIn profiles and contact the victim, even speaking to them over the phone, in order to trick them into believing they are real.
The New York Times reports that victims who they have spoken to said they speak to people who spoke “fluent, unaccented English”, suggesting the operation is international. After establishing a connecting with their target, the hackers then send a file to their victim over email which acts as spyware, infiltrates their computer and attempts to penetrate classified networks.
ClearSky claims that Israeli defence officials are concerned that the large amounts of classified data stolen in the attack could be passed to Iran, a key ally of Pyongyang, according to the report.
However, Israeli defence authorities have said the cyberattack by the Lazarus group was thwarted and no data was compromised.
We need to continue to pray for protection over Israel regardless of whether this attack was successful or not. They are under attack in every area and this is not the first time they have been targeted. If important information has been stolen, we must pray it doesn’t get into the wrong hands.