Advertisement
FIA2026 animated banner

News

Articles

Information

Resources

Advancing UK Aerospace, Defence, Security & Space Solutions Worldwide
  • Home
  • /
  • Security
  • /
  • NCSC and partners warn of DPRK-sponsored cyber ops

Security

NCSC and partners warn of DPRK-sponsored cyber ops

Posted 26 July 2024
The National Cyber Security Centre (NCSC) – a part of GCHQ – issued a new advisory yesterday alongside partners in the US and the Republic of Korea, which reveals how a Democratic People’s Republic of Korea (DPRK) sponsored cyber threat group known as Andariel, has been compromising organisations around the world to steal sensitive and classified technical information and intellectual property data.

Image copyright Shutterstock

The NCSC assesses that Andariel is a part of DPRK’s Reconnaissance General Bureau (RGB) 3rd Bureau and that the group’s malicious cyber activities pose an ongoing threat to critical infrastructure organisations globally.  

The cyber actors have primarily targeted defence, aerospace, nuclear and engineering entities and organisations in the medical and energy sectors to a lesser extent, in order to obtain information such as contract specification, design drawings and project details.

Advertisement
ODU RT

As part of its operations, Andariel has also launched ransomware attacks against US healthcare organisations in order to extort payments and fund further espionage activity.

This advisory shares technical details and mitigation advice to help defend against the actors who have been seen exploiting known vulnerabilities to access victims’ systems before deploying malware and other tools to maintain persistence, evade detection and exfiltrate data.  

Paul Chichester, NCSC Director of Operations, said: “The global cyber espionage operation that we have exposed today shows the lengths that DPRK state-sponsored actors are willing to go to pursue their military and nuclear programmes.

“It should remind critical infrastructure operators of the importance of protecting the sensitive information and intellectual property they hold on their systems to prevent theft and misuse.  

“The NCSC, alongside our US and Korean partners, strongly encourage network defenders to follow the guidance set out in this advisory to ensure they have strong protections in place to prevent this malicious activity.”

Advertisement
PTC rectangle

The advisory outlines how Andariel has evolved its operations from conducting destructive attacks targeting US and South Korea organisations to conducting specialised cyber espionage and ransomware attacks.

It warns that in some cases the actors have even been observed launching ransomware attacks and espionage operations on the same day and leveraging both activities against the same victim.

The advisory has been co-sealed by the NCSC, the US Federal Bureau of Investigation (FBI), the US Cyber National Mission Force (CNMF), the US Cybersecurity and Infrastructure Security Agency (CISA), the US Department of Defense Cyber Crime Center (DC3), the US National Security Agency (NSA), the Republic of Korea’s National Intelligence Service (NIS) and the Republic of Korea’s National Police Agency (NPA).

It can be read on the FBI website: www.ic3.gov/Media/News/2024/240725.pdf
 

Advertisement
Gulfstream banner
Getac launches CommandCore

Defence Security

Getac launches CommandCore

27 March 2026

Getac has announced the launch of its CommandCore rugged drone control solution.

DE&S awards five providers nine contracts to support 3,000 military and police boats

Defence Security

DE&S awards five providers nine contracts to support 3,000 military and police boats

27 March 2026

Defence Equipment & Support (DE&S), part of the Ministry of Defence’s (MoD) National Armaments Director Group, has awarded £283.5 million worth of contracts to maintain and support approximately 3,000 boats across the UK Armed Forces and MoD Police, creating and safeguarding over 100 skilled jobs across England, Scotland and Wales.

DroneShield and OpenWorks Engineering expand C2 interoperability

Defence Security

DroneShield and OpenWorks Engineering expand C2 interoperability

24 March 2026

Counter-unmanned systems (C-UxS) solutions provider, DroneShield, today announced interoperability between DroneSentry-C2 command-and-control software and optical sensing technologies from OpenWorks Engineering.

Fiona Walters takes over as Serco’s UK & Europe CEO

Defence Security Space

Fiona Walters takes over as Serco’s UK & Europe CEO

24 March 2026

Fiona Walters has taken up her role as CEO of the UK & Europe division of Serco, having joined Serco in September 2025 from G4S, where she was Regional CEO for the UK & Ireland, leading a team of more than 30,000 people.

Advertisement
PTC rectangle
Marshall Land Systems partners with Tecnove

Defence Security

Marshall Land Systems partners with Tecnove

23 March 2026

Marshall Land Systems and the Tecnove Business Group have signed a Memorandum of Understanding (MoU) to explore and develop collaborative opportunities across the defence, medical and industrial sectors.

Airbus to acquire Ultra Cyber in the UK

Security

Airbus to acquire Ultra Cyber in the UK

23 March 2026

Airbus has entered into a definitive agreement with the Cobham Ultra group, a portfolio company of Advent, for the acquisition of Ultra Cyber Ltd.

Advertisement
ODU RT
Advertisement
Gulfstream banner

News

Articles

Information

Resources

© 2026 Advance - All rights reserved

Website by Silkstream

The views expressed are not necessarily those of ADS or its members. No responsibility or liability is accepted by ADS, the editorial team or the publisher for any loss occasioned to any person, legal or physical, acting or refraining from action as a result of any statement, fact, figure, expression of opinion or belief contained within this site.

Advertisement
FIA2026 animated banner