North Korean Cyber Warriors Strike: German IRIS-T Missile Maker Caught in the Crosshairs
- A recent cyber attack by North Korean hackers has targeted the German arms company Diehl Defense, according to reports by Spiegel.
- The attack was analyzed by the American company Mandiant, which revealed that the hackers sent emails with fake job offers in American weapons factories to multiple employees.
- The hackers attempted to disguise the server used for the attack by naming it "Uberlingen," which is the location of Diehl Defense.
North Korean Hackers Target German Arms Company Diehl Defense
A recent cyber attack by North Korean hackers has targeted the German arms company Diehl Defense, according to reports by Spiegel. The hackers, identified as part of the Kimsuky group, sent infected emails to employees in an attempt to gain access to their computers.
The attack was analyzed by the American company Mandiant, which revealed that the hackers sent emails with fake job offers in American weapons factories to multiple employees. The emails included a PDF file with a “detailed job description” that, when downloaded, would install spyware on the employee’s computer.
The hackers attempted to disguise the server used for the attack by naming it “Uberlingen,” which is the location of Diehl Defense. The server also had a German login, further attempting to conceal the true origin of the attack.
According to Mandiant expert Michael Barnhart, the hackers appeared to have been gathering information and “testing the waters” for a long time before launching the attack.
Diehl Defense is a significant player in the arms industry, producing the Iris-T guided missiles, which are used by South Korea in its state-of-the-art KF-21 fighter jets.
The Federal Office for Information Security (BSI) has confirmed that the Kimsuky group, also known as APT43, has been involved in malicious activities against Germany and has targeted other companies in a similar manner.
