보도자료240304.hwp (702 KB)

South Korea's National Intelligence Service warned that North Korean hackers targeted domestic semiconductor equipment companies from late 2023 into early 2024. The attackers focused on internet-exposed business servers used for document and data management, then relied mainly on living off the land techniques that abused legitimate programs already installed on the servers. The NIS said one company lost product design drawings from a configuration management server in December and another lost equipment site photos from a security policy server in February. The agency assessed the activity as potentially tied to North Korea's need to obtain semiconductors for weapons programs under sanctions and urged exposed-server patching, access control, and stronger administrator account management.