N. Korea attempts to use generative AI for hacking attacks: spy agency



South Korea's state intelligence agency has detected signs that North Korea tried to incorporate generative artificial intelligence (AI) into its hacking attacks and other illicit cyber activities, officials said Wednesday.

"Recently, it has been confirmed that North Korean hackers use generative AI to search for hacking targets and search for technologies needed for hacking," a senior official at the National Intelligence Service (NIS) told reporters.

The official, who spoke on the condition of anonymity, said the spy agency is keeping close tabs on North Korea's attempts to use generative AI for cyberattacks.

Still, North Korea has not used generative AI in actual cyberwarfare, the official said.

The NIS said it identified a daily average of 1.62 million hacking attempts in South Korea's public sector last year, up 36 percent from a year ago.

North Korea accounted for 80 percent of the total hacking attempts last year, followed by China at 5 percent, NIS officials said.

The target of North Korean hacking attempts varied last year, apparently in line with the North's leader Kim Jong-un's political agenda and interests, the NIS said.

Early last year, Pyongyang's hacking groups extorted information from South Korean agricultural and fisheries institutions after Kim called for plans to solve the North's food shortage crisis.

In August 2023 and September 2023, many of the attacks were focused on the South's shipbuilding companies as Kim ordered measures to strengthen the North's naval power.

Over the past four years, North Korea launched hacking attacks on defense companies of at least 25 countries in the world, including South Korea and Russia, according to the NIS.

The attacks were mainly targeted at the aviation industry at 25 percent, followed by technologies related to tanks at 17 percent, satellites at 16 percent and naval vessels at 11 percent.

North Korea is also suspected of using its overseas IT workers to find jobs at IT companies to plant malicious codes on software programs they developed at the companies to steal cryptocurrencies, the NIS said.

The NIS said South Korea is expected to see more cyberthreats this year amid the strained relationship with North Korea and the general elections slated for April. (Yonhap)

Top 10 Stories


Sign up for eNewsletter