UK and South Korea issue warning over North Korea-linked cyber attacks

23 November 2023, 11:54

A woman using a latpop
Cyber attacks. Picture: PA

The UK’s cyber security agency has joined with its South Korean counterpart to warn of North Korean-backed actors targeting software supply chains.

The UK and South Korea have warned that cyber attacks from North Korean state-linked groups are growing in sophistication and volume.

In a new joint advisory issued by the two nations’ cyber security and intelligence agencies, they urge organisations to boost their security measures to reduce the risk of their systems being breached.

The UK’s National Cyber Security Centre (NCSC), which is part of GCHQ, and the South Korean National Intelligence Service (NIS) said they have observed hackers leveraging previously unknown vulnerabilities and exploits in third-party software in their supply chains in order to gain access to an organisation’s systems.

The two agencies have warned that such attacks on the software-based supply chain pose a particularly significant threat as it means a single initial compromise can affect a number of organisations and lead to onward attacks, resulting in greater disruption or ransomware being deployed.

The joint advisory warns that North Korean-backed attacks of this nature are likely to increase and urges organisations to take steps to better protect themselves.

Paul Chichester, NCSC director of operations, said: “In an increasingly digital and interconnected world, software supply chain attacks can have profound, far-reaching consequences for impacted organisations.

“Today, with our partners in the Republic of Korea, we have issued a warning about the growing threat from DPRK (North Korea) state-linked cyber actors carrying out such attacks with increasing sophistication.

“We strongly encourage organisations to follow the mitigative actions in the advisory to improve their resilience to supply chain attacks and reduce the risk of compromise.”

The joint advisory is the first time the NCSC has issued such a warning without partnership from other Five Eyes agencies – those in Australia, Canada, New Zealand and the US – and comes during the state visit to the UK by South Korean President Yoon Suk Yeol.

By Press Association

More Technology News

See more More Technology News

EA Sports sign

Games developer Electronic Arts to cut 5% of workforce

This super speedy acceleration makes "not an especially nice noise", with the journalist saying it is "bowel loosening".

Jeremy Clarkson brands supercars 'too difficult' after driving new £308k vehicle

A Google building

Inaccurate images generated by AI chatbot were ‘unacceptable’, says Google boss

An Apple store

Apple shuts down electric car project – reports

Sage sign

AI will ‘change nature’ of accounting, says Sage boss

A child using a laptop computer (PA)

More guidance needed on AI in schools, report says

Most influential Scots on TikTok

Gen Z ushering in ‘post-truth media age’, says former No 10 communications chief

UK mobile phone networks stock

Vodafone completes 3G network switch off

Sony PlayStation 5

Sony to close London studio as part of 900 PlayStation job cuts

James Cleverly visit to US

Use of AI for medical diagnoses and police work discussed by Home Secretary

A wallet containing cash and cards

80% of 85 to 95-year-olds now pay with contactless, says Barclays

Woman using a laptop computer

More small digital firms making £100,000-plus across the UK, data shows

James Cleverly

Deepfakes provide ‘perfect storm’ for hijackers in general election – Cleverly

Jack Ritchie inquest

Online slot games ‘highly addictive’ despite new limits, say bereaved parents

The Spotify app is shown in an Apple iPad mini

Apple hits out at Spotify over ongoing EU competition complaint

Serco signage

Serco Leisure ordered to stop using facial recognition tech on workers