North Korea's Kim Su-ki Imposes 8th Independent Sanctions on North Korea Since Yoon Seok-yeol Government Inauguration
Joint Security Advisory Issued by South Korea-US Governments
The government announced on the 2nd that it has designated the North Korean hacking group 'Kimsuky' as a target of independent sanctions against North Korea, the first such case in the world. This sanction is the eighth independent sanction measure against North Korea since the inauguration of the Yoon Suk-yeol administration. Since October last year, the government has selected 43 individuals and 45 organizations as targets of independent sanctions.
North Korea's Kimsuky Conducts Cyber Attacks Targeting 'Governments, Political Circles, Academia, and Media Worldwide'
Kimsuky provided information collected through espionage from individuals and organizations in fields such as diplomacy, security, and defense to the North Korean regime. This measure was taken in response to Kimsuky's recent cyber attacks targeting domestic organizations and individuals.
Kimsuky and other North Korean hacking groups have been involved directly or indirectly in satellite development by stealing advanced technologies related to weapons development, satellites, and space from around the world.
The government expects this measure to have the effect of curbing Kimsuky's activities within the country. Considering Kimsuky's ransomware attacks and ransom demands, the government also listed Kimsuky's virtual asset wallet addresses as identifying information.
This measure is based on the Foreign Exchange Transactions Act and the Act on the Prohibition of Fund-Raising for the Purpose of Threatening the Public and the Proliferation of Weapons of Mass Destruction. To conduct foreign exchange or financial transactions with those designated as targets of this financial sanction, prior approval from the Governor of the Bank of Korea or the Financial Services Commission is required.
If transactions are conducted without approval, penalties may be imposed according to relevant laws. Transactions involving virtual assets with designated targets without prior approval from the Financial Services Commission are also prohibited.
Joint Security Advisory Issued by South Korea and U.S. Governments... Report to Police if Attacked
The National Intelligence Service of the Republic of Korea, the National Police Agency, the Ministry of Foreign Affairs, and the U.S. Federal Bureau of Investigation (FBI), Department of State, and National Security Agency (NSA) jointly issued a 'South Korea-U.S. Government Joint Security Advisory' to raise awareness by informing about the hacking methods of the North Korean hacking group Kimsuky.
This advisory is the second joint advisory issued by South Korea and the U.S. following the joint South Korea-U.S. cybersecurity advisory on North Korean ransomware announced by intelligence authorities in February. The advisory includes details on Kimsuky's operational methods, risk indicators, and threat mitigation measures.
Kimsuky is an organization under the Reconnaissance General Bureau and has conducted cyber attacks for over 10 years. It targets key figures in governments, political circles, academia, and media worldwide, providing diplomatic policy information and more to the North Korean regime.
Kimsuky mainly used methods that exploit human trust and social relationships to deceive people. In particular, it carried out spear-phishing attacks to steal information. For email recipients, the advisory recommends heightened caution regarding emails from unverified sources and the use of strong passwords. It also recommends security enhancement measures for services, networks, and servers for system administrators.
If one suspects they have been targeted by North Korean spear-phishing attacks, they are urged to report to relevant agencies such as the National Intelligence Service (111), National Police Agency (182), and Korea Internet & Security Agency (118), regardless of whether an actual breach has occurred.
The government stated, "We will continue efforts to raise domestic and international awareness of North Korea's illegal cyber activities based on cooperation with the United States, the international community, and public-private partnerships," and added, "We will carry out proactive response activities, including public damage prevention, to create a safe cyber environment."
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
