Researchers believe North Korean hackers were able to breach major Russian missile developer networks over a period of at least five months last year.
Cyber-espionage teams linked to the North Korean government — known as ScarCruft and Lazarus — secretly installed digital backdoors into the systems at a rocket design bureau. The bureau, NPO Mashinostroyeniya, is located in Reutov, a town located just outside of Moscow. NPO Mashinostroyeniya is a sanctioned entity that "possesses confidential intellectual property on sensitive missile technology currently in use and under development for the Russian military," said SentinelLabs researchers in their report.
According to Reuters, missile experts say that NPO Mashinostroyeniya "has acted as a pioneer developer of hypersonic missiles, satellite technologies, and newer generation ballistic armaments," which are all strong areas of interest to North Korea and its missile programs.
It is currently unknown if data was stolen or what information may have been viewed by cyber-espionage teams; however, experts say that this incident shows how far isolated countries will go to acquire advanced technologies — even if it means turning their backs on allies.
Just months after the initial "digital break-in," officials in Pyongyang — the capital of North Korea — announced that significant developments had been made in the country's banned ballistic missile program. Whether or not those developments were due to possible information gleaned from the breach is unknown.
NPO Mashinostroyeniya, the Russian embassy in Washington, and North Korea's mission to the United Nations (UN) in New York have not made public comments regarding the breach.