North Korea: The Israeli officials announced on Wednesday that a cyber-attack from North Korea that targeted classified systems was thwarted. While the attack was detected and stopped, security researchers involved in stopping the attack stated that it is likely that classified data was stolen. The fear among many Israeli officials is that the stolen data would be shared with Iran. This attack followed a very familiar pattern for North Korean hackers beginning with a fake LinkedIn profile being used to reach out to prospective targets. The messages purported to be from a headhunter for Boeing. While the name on the account is an actual recruiter for Boeing, they are not the person who actually sent the messages to a senior engineer at the targeted Israeli defense company. After establishing communications with the targets, the North Korean actors set up communications through WhatsApp or live phone calls. According to the victims of the attack who were interviewed, the person at the other end of the call spoke English without an accent and sounded credible. As with other similar attacks the North Korean actors then asked to send the targets a list of job requirements. That document contained malware which allowed the attackers to gain access to their systems. After compromising the employee’s workstation, the attackers then attempted to move laterally to classified Israeli networks.
Watch the Video
How does Binary Defense help protect your organization? With best in breed cybersecurity tactics, techniques, and services, we make sure that your environment is secure against the most advanced attacks.