North Korea hacks ally Russia’s missile design research

North Korean leader Kim Jong Un meeting with Putin

North Korean leader Kim Jong Un met with Putin in 2019 – Alexey Nikolsky/AFP via Getty Images

North Korea broke into a major Russian weapons developer’s computer network as part of its bid to build an intercontinental missile, according to security researchers.

Hackers breached the cybersecurity defences of NPO Mashinostroyeniya, a rocket design bureau commonly known as NPO Mash, in late 2021.

It is not clear if any data was taken during the intrusion, but in the months that followed Pyongyang announced several developments in its ballistic missile programme.

Experts say it shows that North Korea will target its allies in order to acquire critical technologies. The news comes after Sergei Shoigu, the Russian defence minister, was welcomed to Pyongyang in July.

Hackers remained on NPO Mash’s system for at least five months until they were detected in May 2022, and were able to read emails, jump between networks and extract data.

The company, which is based on the outskirts of Moscow, has pioneered developments of hypersonic missiles, satellite technologies and newer generation ballistic armaments.

These areas are of interest to North Korea since it has embarked on a mission to create an intercontinental ballistic missile capable of striking the US.

In 2019, Vladimir Putin, the Russian president, praised NPO Mash’s “Zircon” hypersonic missile as a “promising new product” capable of travelling at around nine times the speed of sound.

Markus Schiller, a missile expert based in Europe, said the company was a valuable target but stolen schematics would be of limited use to Pyongyang.

He said: “Getting plans won’t help you much in building these things, there is a lot more to it than some drawings.”

SentinelOne, a US cybersecurity firm, discovered the hack after an NPO Mash employee accidentally leaked the company’s internal communications online.

Malware in Japan’s defence networks

It follows the recent revelation that Japan’s defence networks were penetrated by China in one of the most damaging security breaches in its history, according to officials.

The hackers, who were discovered by the US National Security Agency (NSA) in autumn 2020, were able to access defence plans, capabilities and assessments of military shortcomings.

One US official called the breach “shockingly bad”, according to the Washington Post. Japan has said it cannot confirm if any security information was leaked.

Gen. Paul Nakasone, the director of the NSA, and Matthew Pottinger, a White House national security adviser, travelled to Tokyo to brief the Japanese defence minister once the hack was discovered.

The situation was seen as so serious that officials suggested it could derail intelligence sharing between the Pentagon and Japan’s defence ministry.

Although the US team offered to purge Chinese malware from the defence systems, the Japanese were said to be wary of “having another country’s military on their networks”.

Although Gen. Nakasone and Mr Pottinger believed “they had really made a point”, US officials realised in autumn 2021 that Japan had failed to expel China from its networks.

Japan has since announced that it will increase its cybersecurity budget tenfold over the next five years, while boosting its military cybersecurity staff fourfold to 4,000 people.

‘We see tremendous investment’

Lloyd Austin, the US defence secretary, has indicated to Tokyo that sharing information for advanced military operations could be slowed without tightening its security.

A senior US defence official said: “We see tremendous investment and effort from the Japanese in this area.

“The department feels strongly about the importance of cybersecurity to our ability to conduct combined military operations, which are at the core of the US-Japan alliance.”

On Tuesday, Hirokazu Matsuno, Japan’s chief cabinet secretary, said both countries have always been in close communication.

He added: “Due to the nature of the matter, I am unable to provide further details of the communication but we haven’t confirmed the fact that security information has been leaked due to cyber attacks.”

Mr Matsuno said cybersecurity was the foundation of the US-Japan alliance and insisted Japan would continue to work to keep its network safe.

There was no immediate comment from Beijing.

Broaden your horizons with award-winning British journalism. Try The Telegraph free for 1 month, then enjoy 1 year for just $9 with our US-exclusive offer.

Leave a Comment