Intelligence Briefing #69

Welcome to the Nucleon Cyber Intelligence podcast.

This podcast will give you a summary of the latest news related to cyber intelligence and proactive cyber security in only a few minutes.

The podcast is aimed at professionals who are short on time, or for anyone who would like to know a bit more about what is REALLY happening out there in the cyber world.

The focus of this podcast will be on the latest cyber events for non-technical people; anyone can listen and understand.

South Korea’s government-owned aerospace company has requested local authorities to investigate a possible hacking incident of North Korean origin, according to local press reports. The KAI KF-21  known as Fighting Hawk is a joint South Korean/Indonesian 4.5 generation fighter aircraft development program with the goal of producing an advanced multirole fighter for the South Korean and Indonesian air forces. In April 2021, the first prototype was completed and unveiled during a rollout ceremony at the headquarters of KAI. According to Ha, the breach took placed around the same time the Korea Atomic Energy Research Institute was hacked. “It is highly likely that Kimsuky, a group of hackers under the Reconnaissance General Bureau of North Korea was behind the breach” according to local paper, he also raised the possibility that blueprints of the KF-21 jet may have been stolen in the attacks.  

In December, Kimsuky was linked to a fake online site designed to fool employees at South Korea’s Yonsei University Health System.

Not much more details been released about this specific cyber attack and what was accomplished but it seems that professional hackers who were suspected breaking into South Korea Nuclear facilities were also successful hacking into other sensitive places such as the company who designed and building the most advanced jet fighter of South Korea.

—-

The Wisconsin Department of Health Services announced on Friday that residents who received services from its different programs may have had their personal information leaked after a hacker gained access to its system.

It took DHS more than 3 months to detect and alert that an unauthorized individual gained access to an email account that may have exposed names, member identification numbers, dates of birth, some Social Security numbers, addresses, and health information such as medical conditions and treatment information. 

DHS says that they discovered the unidentified hacker had entered the system that same day and were able to quickly disable the hacker’s access to the account. Officials say no known exposures have been confirmed, but, DHS reports that after an investigation into this incident they have identified individuals whose information may have potentially been accessed and offered them monitoring services to see if their data is being used on the web.

Officials note that since discovering the unauthorized access, the organization has taken actions to improve its security posture. 

DHS has also requested that the Department of Administration and the State’s Chief Information Security Officer conduct a review of Department of Health Services’ security protocols, protecting personal health information including the adequacy of our information system protections against malicious phishing attacks.

but one question remains unanswered, why did it take more than 3 months to detect and notify about the breach.

hackers are usually using such information in order to gain access to other unauthorized services.

—–

That’s it for this podcast, stay safe and see you in the next podcast.

Don’t forget to visit www.nucleoncyber.com for the latest podcasts on cyber intelligence.

++++++

Leave a Reply