A new cyber attack campaign launched by North Korean APT Lazarus Group is targeting the military defense industry. Lazarus weaponized two documents related to job opportunities from Lockheed Martin in the spear phishing attack. The discovery was made January 18, 2022. Here’s what you need to know:
What might the hackers be looking for?
North Korea has a long history of offensive Cyber operations and has typically focused on three strategic objectives: revenue generation, disruption, and espionage. Often, these objectives overlap, and so it’s difficult to know exactly what the strategic goals of a campaign are. However, when we see a defense contractor in the mix, one would be forgiven for thinking that there’s an espionage element involved.
Who is Lazarus?
Lazarus Group is a name for the combined activities for North Korea’s threat actors – often attributed to the Reconnaissance General Bureau. As there’s a lack of standardization in the names of these actors outside of the intel world, they’re sometimes used as a bit of a catchall for North Korea’s offensive cyber operations. You’d know them best for being one of the likely perpetrators of the Sony Hack of 2014 – in fact, they’ve been around for well over a decade.