{"id":1992988,"date":"2023-08-07T10:31:02","date_gmt":"2023-08-07T14:31:02","guid":{"rendered":"https:\/\/www.conservativenewsdaily.net\/breaking-news\/north-korean-hackers-breach-russian-missile-developer\/"},"modified":"2023-08-07T10:37:27","modified_gmt":"2023-08-07T14:37:27","slug":"north-korean-hackers-breach-russian-missile-developer","status":"publish","type":"post","link":"https:\/\/www.conservativenewsdaily.net\/breaking-news\/north-korean-hackers-breach-russian-missile-developer\/","title":{"rendered":"North Korean hackers infiltrate Russian missile developer."},"content":{"rendered":"<aside class=\"mashsb-container mashsb-main mashsb-stretched\"><div class=\"mashsb-box\"><div class=\"mashsb-count mash-medium\" style=\"float:left\"><div class=\"counts mashsbcount\">14<\/div><span class=\"mashsb-sharetext\">SHARES<\/span><\/div><div class=\"mashsb-buttons\"><a class=\"mashicon-facebook mash-medium mash-nomargin mashsb-noshadow\" href=\"https:\/\/www.facebook.com\/sharer.php?u=https%3A%2F%2Fwww.conservativenewsdaily.net%2Fbreaking-news%2Fnorth-korean-hackers-breach-russian-missile-developer%2F\" target=\"_top\" rel=\"nofollow\"><span class=\"icon\"><\/span><span class=\"text\">Facebook<\/span><\/a><a class=\"mashicon-twitter mash-medium mash-nomargin mashsb-noshadow\" href=\"https:\/\/twitter.com\/intent\/tweet?text=&amp;url=https:\/\/www.conservativenewsdaily.net\/breaking-news\/?p=1992988&amp;via=ConservNewsDly\" target=\"_top\" rel=\"nofollow\"><span class=\"icon\"><\/span><span class=\"text\">Twitter<\/span><\/a><a class=\"mashicon-subscribe mash-medium mash-nomargin mashsb-noshadow\" href=\"#\" target=\"_top\" rel=\"nofollow\"><span class=\"icon\"><\/span><span class=\"text\">Subscribe<\/span><\/a><div class=\"onoffswitch2 mash-medium mashsb-noshadow\" style=\"display:none\"><\/div><\/div>\n            <\/div>\n                <div style=\"clear:both\"><\/div><\/aside>\n            <!-- Share buttons by mashshare.net - Version: 4.0.47--><div>\n<h2>An \u200dElite\u2064 Group of North Korean Hackers Breached Russian \u2064Missile Developer<\/h2>\n<blockquote>\n<p>An elite group \u200bof\u200d <span data-qa-component=\"highlight-text\">North Korea<\/span>n hackers secretly breached computer \u200dnetworks \u2064at a \u2062major Russian missile developer\u200d for at least \u2064five months last \u2063year, according to technical evidence reviewed by Reuters \u200band analysis by security researchers.<\/p>\n<\/blockquote>\n<p>Reuters found\u200c cyber-espionage teams linked to \u2062the \u2064 <span data-qa-component=\"highlight-text\">North Korea<\/span>n government, which security researchers call ScarCruft and Lazarus, <a href=\"https:\/\/www.conservativenewsdaily.net\/breaking-news\/exclusive-north-korean-hackers-breached-top-russian-missile-maker\/\" title=\"North Korean hackers infiltrate leading Russian missile manufacturer.\">secretly installed stealthy digital\u200d backdoors<\/a> into systems at \u200cNPO Mashinostroyeniya, a rocket design bureau based in Reutov, a small town on \u2063the outskirts \u2064of \u200bMoscow.<\/p>\n<p>Reuters could not determine whether any data was taken during\u2063 the intrusion or\u2064 what information may have\u2063 been viewed. In the months following the digital break-in Pyongyang announced several developments in its banned ballistic <a href=\"https:\/\/www.conservativenewsdaily.net\/breaking-news\/inside-the-gop-plan-to-oppose-bidens-iran-deal\/\" title=\"Inside the GOP Plan to Oppose Biden\u2019s Iran Deal\">missile program<\/a> but it is not clear if this was related to the breach.<\/p>\n<p>Experts say the incident\u2064 shows how the isolated\u2063 country will even \u200ctarget its \u2063allies, \u200dsuch as Russia, in a bid\u200b to acquire critical \u2063technologies.<\/p>\n<p>NPO Mashinostroyeniya did not\u2063 respond \u200dto requests from Reuters for comment. \u200cRussia&#8217;s embassy in\u2064 Washington did not respond to \u2063an emailed request for\u2062 comment. <span data-qa-component=\"highlight-text\">North Korea<\/span>&#8216;s \u200dmission to the United Nations in \u2063New York did not respond to a request for comment.<\/p>\n<p>News of \u200dthe hack comes shortly after a trip to\u200c Pyongyang last month by Russian defense\u2064 minister Sergei Shoigu \u2062for the 70th anniversary\u200b of the <span data-qa-component=\"highlight-text\">Korea<\/span>n War; the first visit by a\u200d Russian defense minister\u2063 to <span data-qa-component=\"highlight-text\">North Korea <\/span>since the 1991 breakup of the Soviet Union.<\/p>\n<p>The targeted company, commonly known as NPO \u200cMash, has acted as \u200da pioneer developer of hypersonic missiles, satellite technologies, and \u2063newer generation\u200d ballistic armaments, according\u2064 to missile experts\u2014three \u200dareas\u200d of \u200bkeen\u200c interest to \u2064 <span data-qa-component=\"highlight-text\">North Korea <\/span>since \u2062it embarked on its mission\u2064 to create an Intercontinental Ballistic\u200d Missile (ICBM) capable\u200b of \u2064striking the mainland United States.<\/p>\n<p>According to technical data, the intrusion\u2062 roughly began in \u2064late 2021\u2063 and\u2062 continued until May 2022 when, according to internal communications \u2064at the company reviewed by Reuters, IT engineers detected \u2062the hackers&#8217; activity.<\/p>\n<p>NPO\u200c Mash \u200cgrew\u200c to prominence during the Cold War as a premier satellite maker\u200c for Russia&#8217;s space program and as a provider of cruise missiles.<\/p>\n<h3>Email Hack<\/h3>\n<p>The hackers dug into the company&#8217;s IT environment, giving them\u2063 the ability to read email \u2064traffic, \u2062jump between networks, and extract data, \u2064according to Tom Hegel, a security researcher with U.S.\u2063 cybersecurity firm SentinelOne, \u2063who initially discovered the \u2063compromise.<\/p>\n<p>&#8220;These <a href=\"https:\/\/www.conservativenewsdaily.net\/breaking-news\/north-korean-hackers-breach-russian-missile-developer\/\" title=\"North Korean hackers infiltrate Russian missile developer.\">findings\u2064 provide \u200brare \u200cinsight<\/a> into \u2062the clandestine cyber \u2063operations that traditionally\u2062 remain concealed from public \u2063scrutiny \u200cor \u2062are simply never caught \u200cby such victims,&#8221; Hegel said.<\/p>\n<p>Hegel&#8217;s team of security analysts at SentinelOne learned of the \u2063hack after discovering\u2063 that an NPO Mash IT\u200d staffer accidentally \u2064leaked his \u200dcompany&#8217;s internal communications while \u200battempting to investigate the <span data-qa-component=\"highlight-text\">North Korea<\/span>n attack by uploading evidence to a private portal used by cybersecurity researchers worldwide.<\/p>\n<p>When contacted by\u200b Reuters, that IT staffer declined \u200cto comment.<\/p>\n<p>The lapse provided Reuters and SentinelOne with a unique snapshot into a company\u2062 of \u200dcritical importance \u2063to\u2064 the Russian state\u200d which was sanctioned \u2064by the Obama administration following\u200c the \u2062invasion of Crimea.<\/p>\n<p>Two independent computer\u200d security experts, Nicholas Weaver and Matt Tait, reviewed the exposed\u2064 email\u2064 content and \u2063confirmed its authenticity. The analysts verified \u2064the\u200c connection by checking\u2062 the email&#8217;s cryptographic signatures against \u200ca set of keys controlled by\u2062 NPO Mash.<\/p>\n<p>&#8220;I&#8217;m \u200chighly confident\u2062 the\u200d data&#8217;s authentic,&#8221; Weaver told Reuters. &#8220;How the information \u2064was exposed was an absolutely\u2064 hilarious screwup&#8221;.<\/p>\n<p>SentinelOne \u2062said they were confident <span data-qa-component=\"highlight-text\">North Korea<\/span> \u200bwas behind the hack because the cyber spies re-used previously known malware and malicious\u2062 infrastructure\u200d set up\u200b to carry out other intrusions.<\/p>\n<h3>&#8216;Movie Stuff&#8217;<\/h3>\n<p>In 2019, \u2064Russian President Vladimir Putin touted NPO\u2064 Mash&#8217;s &#8220;Zircon&#8221; \u200chypersonic missile as\u200b a &#8220;promising new product&#8221;, capable of traveling\u2062 at around \u2064nine times the speed of sound.<\/p>\n<p>The \u2063fact <span data-qa-component=\"highlight-text\">North \u200dKorea<\/span>n hackers may have \u200dobtained\u200b information about the Zircon \u200bdoes not mean they would immediately\u200d have that same capability, said Markus \u200dSchiller, a\u200d Europe-based missile \u200dexpert\u200d who has researched foreign aid to <span data-qa-component=\"highlight-text\">North Korea<\/span>&#8216;s missile program.<\/p>\n<p>&#8220;That&#8217;s movie\u2063 stuff,&#8221; he said. &#8220;Getting \u2063plans won&#8217;t help\u200d you\u2062 much\u200d in\u200c building these \u2063things, there is a lot \u200dmore to it than \u2062some drawings&#8221;.<\/p>\n<p>However, given NPO Mash&#8217;s position as a top \u200dRussian \u200bmissile designer and producer, the company \u2064would be a valuable target, Schiller added.<\/p>\n<p>&#8220;There \u2062is\u2062 much to learn from \u200cthem,&#8221; he \u200dsaid.<\/p>\n<p>Another area of interest could be in \u200bthe\u200d manufacturing process used by NPO Mash surrounding\u2062 fuel, experts said. Last \u2062month, \u200c <span data-qa-component=\"highlight-text\">North\u2063 Korea<\/span> \u2062test-launched the Hwasong-18, the first of its \u2064ICBMs to use solid propellants.<\/p>\n<p>That fueling method \u2062can allow for faster deployment of missiles during\u200d war because it does not require fueling on a launchpad, making the missiles harder to track \u2062and destroy before\u200b blast-off.<\/p>\n<p>NPO Mash\u200c produces an ICBM \u2064dubbed the SS-19 which\u2062 is fueled in \u200bthe factory and sealed shut, a process known as &#8220;ampulisation&#8221; that yields a similar strategic \u2063result.<\/p>\n<p>&#8220;It&#8217;s hard to do because rocket propellant, especially the oxidizer, \u200dis very corrosive,&#8221; \u200bsaid Jeffrey \u2063Lewis, a missile researcher\u2064 at the \u200cJames Martin Center for Nonproliferation Studies.<\/p>\n<p>&#8220;<span data-qa-component=\"highlight-text\">North\u200c Korea<\/span> announced that\u200d it was doing the same\u2062 thing in \u2064late 2021. If NPO Mash had one\u2063 useful\u200c thing for them, that\u2063 would\u2064 be top of my list,&#8221; he added.<\/p>\n<p>(Reporting by James Pearson \u200din London and Christopher Bing\u200b in Washington; editing \u200cby Chris Sanders and Alistair Bell)<\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>A Russian missile developer&#8217;s computer networks were infiltrated for five months by a covert team of North Korean hackers. Reuters discovered evidence of cyber-espionage by ScarCruft and Lazarus, groups associated with the North Korean government. They discreetly implanted hidden digital access points into the systems.<\/p>\n","protected":false},"author":66,"featured_media":1992989,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_mo_disable_npp":"","fifu_image_url":"https:\/\/cndimages.nyc3.digitaloceanspaces.com\/breaking-news\/wp-content\/uploads\/2021\/01\/IMG_2758-scaled-1.jpg","fifu_image_alt":"","footnotes":""},"categories":[544],"tags":[],"class_list":["post-1992988","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-free-beacon"],"fifu_image_url":"https:\/\/cndimages.nyc3.digitaloceanspaces.com\/breaking-news\/wp-content\/uploads\/2021\/01\/IMG_2758-scaled-1.jpg","_links":{"self":[{"href":"https:\/\/www.conservativenewsdaily.net\/breaking-news\/wp-json\/wp\/v2\/posts\/1992988","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.conservativenewsdaily.net\/breaking-news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.conservativenewsdaily.net\/breaking-news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.conservativenewsdaily.net\/breaking-news\/wp-json\/wp\/v2\/users\/66"}],"replies":[{"embeddable":true,"href":"https:\/\/www.conservativenewsdaily.net\/breaking-news\/wp-json\/wp\/v2\/comments?post=1992988"}],"version-history":[{"count":0,"href":"https:\/\/www.conservativenewsdaily.net\/breaking-news\/wp-json\/wp\/v2\/posts\/1992988\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.conservativenewsdaily.net\/breaking-news\/wp-json\/wp\/v2\/media\/1992989"}],"wp:attachment":[{"href":"https:\/\/www.conservativenewsdaily.net\/breaking-news\/wp-json\/wp\/v2\/media?parent=1992988"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.conservativenewsdaily.net\/breaking-news\/wp-json\/wp\/v2\/categories?post=1992988"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.conservativenewsdaily.net\/breaking-news\/wp-json\/wp\/v2\/tags?post=1992988"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}