JERUSALEM (AP) — Israel said Wednesday it foiled a cyberattack targeting its defense industry by a shadowy group that the U.S. has linked to North Korea.
The Israeli Defense Ministry said hackers with the Lazarus Group built fake profiles on the LinkedIn social network and posed as the CEOs and senior officials of international companies. They then offered job opportunities to employees at major Israeli defense firms in an attempt to gain access to their computers and networks to steal sensitive information.
The ministry says the attacks were detected “in real time” and thwarted. It said there was no “harm or disruption” to the targeted networks.
The ministry said the Lazarus Group is “backed by a foreign country,” without elaborating. It did not immediately respond to a request for further comment.
The U.S. Treasury Department announced sanctions against the Lazarus Group last September, saying it was controlled by the North Korean government.
It said the Lazarus Group was behind the devastating WannaCry ransomware, which froze 300,000 computers across 150 countries in 2017, and the destructive cyber attack against Sony Pictures Entertainment in 2014.
Ivan Kwiatkowski, a researcher at Kaspersky, a cybersecurity company, said that in the alleged attack on Israel, Lazarus appears to have been attempting technology theft rather than financial gain.
“This is a very interesting development, because we tend to see Lazarus as an actor focused mostly on funds collection,” he said. “But as any other state-backed actor, its missions are diverse, and I think this is a prime example of other areas of interest the group has.”
Israel said it thwarted a major cyberattack earlier this year targeting its water infrastructure, which was widely attributed to its archenemy Iran. Israel is suspected of retaliating two weeks later with a cyberattack on an Iranian port.
Israel and Iran have engaged in years of covert battles that have included high-tech hacking and cyberattacks. Most famously, U.S. and Israeli intelligence agencies are suspected of unleashing a computer worm called Stuxnet that disrupted Iran’s nuclear program.