Cybersecurity experts in the United States believe that hackers working for the government of North Korea targeted American power companies with spear phishing emails, it was reported on Tuesday.
Hackers sent emails inviting targets to participate in a fundraiser, according to a report by the internet security firm FireEye.
Anyone who downloaded attached invitation would unwittingly invite malware onto his or her computer network, the FireEye report claimed.
A copy of the report was first obtained by NBC News.
While there is no word as to how successful the spear phishing attacks were or which electric companies were targeted, FireEye believes they are a byproduct of the recently heightened diplomatic tensions between Pyongyang and Washington.
FireEye said the phishing attack on the electric companies detected was ‘early-stage reconnaissance’ and did not indicate North Korea was about to stage an ‘imminent, disruptive’ cyber attack.
The North has been suspected of carrying out similar cyber attacks on South Korean electric utilities, in addition to other government and financial institutions.
Cybersecurity experts in the United States believe that hackers working for the government of North Korea targeted American power companies with spear phishing emails. The above photo shows a military parade in Pyongyang in April 2017
Hackers sent emails inviting targets to participate in a fundraiser, according to a report by the internet security firm FireEye. Anyone who downloaded attached invitation would unwittingly invite malware onto his or her computer network
FireEye said the phishing attack on the electric companies detected was ‘early-stage reconnaissance’ and did not indicate North Korea was about to stage an ‘imminent, disruptive’ cyber attack
Those attempts were likely aimed at creating a means of ‘deterring potential war or sowing disorder during a time of armed conflict’, FireEye said.
‘North Korea linked hackers are among the most prolific nation-state threats, targeting not only the US and South Korea but the global financial system and nations worldwide,’ its statement said.
‘Their motivations vary from economic enrichment to traditional espionage to sabotage, but all share the hallmark of an ascendant cyber power willing to violate international norms with little regard for potential blowback,’ it said.
‘This is a signal that North Korea is a player in the cyber-intrusion field and it is growing in its ability to hurt us,’ C. Frank Figliuzzi, a former chief of counterintelligence at the FBI, told NBC News.
A top South Korean lawmaker claimed on Wednesday that North Korean hackers stole a large amount of classified military documents, including South Korea-US wartime operational plans to wipe out the North Korean leadership. North Korean ruler Kim Jon-un is seen above
Cyber experts believe the increased threat from North Korea could be attributed to rising tensions between Pyongyang and Washington. President Donald Trump is seen above in the Oval Office on Tuesday
North Korea is believed to have a robust cyber warfare capability.
A top South Korean lawmaker claimed on Wednesday that North Korean hackers stole a large amount of classified military documents, including South Korea-US wartime operational plans to wipe out the North Korean leadership.
Democratic Party representative Rhee Cheol-hee said 235 gigabytes of military documents were taken from the Defense Integrated Data Center in September last year, citing information from unidentified South Korean defense officials.
An investigative team inside the defense ministry announced in May the hack had been carried out by North Korea, but did not disclose what kind of information had been taken.
Pyongyang has denied responsibility in its state media for the cyber attacks, criticizing Seoul for ‘fabricating’ claims about online attacks.
Rhee, currently a member of the National Assembly’s committee for national defense, said about 80 percent of the hacked data had not yet been identified, but that none of the information was expected to have compromised the South Korean military because it was not top classified intelligence.
Some of the hacked data addressed how to identify movements of members of the North Korean leadership, how to seal off their hiding locations, and attack from the air before eliminating them.
Rhee said the North could not have taken the entire operation plans from the database because they had not been uploaded in full.
These plans had likely not been classified properly but defense ministry officials told Rhee the hacked documents were not of top importance, he said.
HOW TO PROTECT YOURSELF FROM A SPEAR PHISHING ATTACK
Phishing is the widespread practice of sending out emails in bulk inviting recipients to reply … and give away their security details.
So-called spear phishing is more targeted and takes place when the would-be criminal has a name and email address for a victim who they know uses a particular website or brand.
They will send out emails which look like genuine communications from a retailer or bank the target uses regularly.
The target may be asked to fill in an online form providing a raft of details, including credit card numbers and the answer to their security question.
This can be enough to allow a criminal to steal their entire identity and access shopping and bank accounts.
Sometimes the email will come with an attachment.
Clicking on it will automatically download some malicious software – known as ‘malware’.
The criminal may even be able to spy on the target’s internet activity.
Security experts say the best advice when dealing with a suspect email is simply to delete it and never open attachments.