Summary: South Korea has reported an increase in cyber-attacks attributed to Russian-associated groups, particularly following the deployment of North Korean troops to Ukraine. These attacks, primarily in the form of DDoS assaults, have targeted government and private sector websites, prompting a heightened state of alert within South Korean cybersecurity agencies.
Threat Actor: Pro-Kremlin hacktivist groups | pro-Kremlin hacktivist groups
Victim: South Korea | South Korea
Key Point :
- Pro-Russian cyber-attacks on South Korea have intensified since North Korea’s military involvement in Ukraine.
- South Korean authorities are actively monitoring and responding to these cyber threats, with a focus on enhancing preparedness.
- The National Cyber Crisis Management Team is collaborating with various agencies to track pro-Russian hacktivist activities.
- There is an observed convergence of hacktivist activities with nation-state cyber operations in the current geopolitical climate.
Russian-associated cyber-attacks on South Korea have ramped up following the deployment of North Korean troops in Ukraine, South Korea’s President’s Office has warned.
The activity by pro-Kremlin groups has primarily been distributed denial-of-service (DDoS) attacks against government websites and private companies, which the Seoul government is actively responding to.
The President’s Office said that access to the websites of some institutions have been temporarily delayed or cut off as a result of the attacks, but no other damage has been observed.
“Cyber-attacks by pro-Russian hacktivist groups against South Korea have been intermittent in the past, but since North Korea’s deployment to Russia and its entry into the war in Ukraine, attacks have become more frequent,” the office warned.
Ukrainian President Volodymyr Zelensky confirmed the presence of North Korean soldiers on Russian territory near the Ukrainian border in a press conference on November 7. He stated that some of these troops have already taken part in combat operations against Ukrainian forces.
South Korea Holds Emergency Meeting Following Attacks
The President’s Office statement followed an emergency situation review on Thursday, November 7, among South Korean national security and other government agencies under the chairmanship of Cyber Security Secretary Shin Yong-seok.
The agencies have been told to strengthen their preparedness for cyber-attacks as a result of the increased threat.
The National Cyber Crisis Management Team of the National Intelligence Service (NIS) of South Korea is now monitoring the activities of pro-Russian hacktivists and sharing the situation with related agencies.
South Korea expects such attacks to continue as the war in Ukraine continues.
Security researchers have observed a growing overlap between so-called hacktivist groups, financially-motivated cybercrime and nation-state activity in recent years.
Hacktivist activity has risen following Russia’s invasion of Ukraine in 2022, leading to many groups attacking Ukraine and its allies under this guise.
Source: https://www.infosecurity-magazine.com/news/russian-hacktivits-south-korea