Hackers from North Korean-backed Lazarus Group strike again. Why did they target the Israeli defense industry?
The Lazarus Group, also known as Hidden Cobra, posed as headhunters from top aerospace and defense firms to recruit senior engineers and staff from Israeli government-owned weapons manufacturers.
The team of hackers created LinkedIn profiles to match, and used their fake identities to manipulate and infiltrate their targets by offering them dream jobs with Boeing, BAE, and McDonnell Douglas. These ongoing communications were used to infect the Israeli company’s computer systems and gather information on their military intelligence and finances.
Israel's Defense Ministry states they thwarted the cyberattack in real time and their computer systems remain intact.
Yet, ClearSky cybersecurity researchers believe that classified data was stolen through Operation ‘Dream Job’. Their report shows evidence that the Lazarus Group is developing more sophisticated tactics and this attack represented their main 2020 campaign.
Why it Matters:
North Korea’s Nuclear Program
North Korean cyberattacks are orchestrated by the government to gather both intelligence and money. The stolen funds are used to support North Korea’s nuclear program. Lazarus has a mixed track record of cybertheft, but was successful in stealing $81 million from Bangladesh Bank in 2016.
Israel and Iran Conflict
Israel and Iran have been engaged in ongoing cyberwarfare of their own. Iran attempted to hack an Israeli water filtration plant to increase chlorine in their drinking water to dangerous levels. In response, Israel launched a cyberattack on Shahid Rajaee port to disrupt shipments and traffic.
There is concern that data stolen by North Korea will be shared with Iran.
South Korean Defenses
South Korea is developing a missile interception system similar to Israel’s Iron Dome. Obtaining classified military information on the Israeli system would jeopardize South Korean defenses against North Korean long-range artillery. Such a system would have the potential to take down hundreds of missiles aimed at Seoul, which sits less than 15 miles from the DMZ and North Korean border.