North Korean hackers targeted US ‘critical infrastructure’ during Trump-Kim summit, says report
Cybersecurity firm says attacks began a year and a half ago amid heightened tensions between Washington and Pyongyang
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.Cybersecurity firm McAfee has said a group of North Korean hackers have been actively targeting “critical infrastructure” in an operation that started 18 months ago and likely did not stop during Donald Trump’s recent summit with Kim Jong-un in Vietnam.
In a new report, the company said it had found hackers — likely connected to North Korean group Lazarus — attempting to gain access to as many as 80 businesses around the world, and some governments themselves. The targets of the attacks included banks, oil companies, and utilities.
Germany was reportedly on the receiving end of the largest number of attempted attacks, while other countries including Turkey were also attacked.
In the new report, McAfee said that they found numerous links between the hacking operation and Lazarus, a North Korean group connected to banking hacks. Pyongyang has denied any connection to hacking groups, and a McAfee spokesperson told The Independent that they saw no indicator that any hacks were connected to diplomatic activity.
"The Financial, Government and critical Infrastructure segments were the most targeted," the spokesperson said in an email.
To conduct its research, McAfee said it worked with at least one unnamed government, but declined to name what government partners the company may have.
“McAfee believes that such digital forensic evidence must be complemented by traditional evidence from law enforcement and government agencies to make such assertions,” Raj Samani, McAfee's chief scientist, told CNN.
“That said, McAfee is obligated to report technical similarities between attacks and campaigns to provide its customers cyber threat intelligence they can use to protect themselves from current and future attacks.”
The attacks on western businesses and governments appeared to flare up in 2017 when the US and North Korea were experiencing a period of particularly tense relations.
At that time, Mr Trump repeatedly mocked and provoked Mr Kim, calling him “little rocket man” in an exchange that escalated while North Koreans tested their missile capabilities.
Subscribe to Independent Premium to bookmark this article
Want to bookmark your favourite articles and stories to read or reference later? Start your Independent Premium subscription today.
Join our commenting forum
Join thought-provoking conversations, follow other Independent readers and see their replies
Comments