"North Korean Hackers Targeted Nearly 1,000 South Korean Foreign Policy Experts"

South Korean authorities believe North Korean hackers working for the government have recently targeted at least 892 foreign policy experts in the country.  The authorities noted that the efforts focused on members of think tanks and academics, dating back to April.  The attacks began with spear phishing emails, often claiming to be from figures in South Korea's political system.  These usually included either links to fake sites or viruses as attachments.  The authorities stated that the ploy, while not particularly sophisticated, was enough to fool at least a handful of victims.  The attack led to several prominent experts having their personal data stolen, compromised email lists (exposing more people to the hackers), and 13 companies (primarily online retailers) being victims of ransomware.  Although police believe only 49 recipients actually handed credentials over to the fake sites and only two companies paid the 2.5 million won ($1,980) ransom, it's difficult to judge the full scale of the fallout.  The authorities noted that it is unclear what non-financial resources the North Korean hackers may have gained from this latest campaign.  The authorities indicated that though the hackers covered their tracks reasonably well, the targets, tactics, and IP addresses have led police to believe this is the same group that hacked Korea Hydro & Nuclear Power in 2014.  They also believe that the hackers will not cease their activity just because their efforts have been discovered. 

Engadget reports: "North Korean Hackers Targeted Nearly 1,000 South Korean Foreign Policy Experts"