North Korean hackers have waged a global cyberespionage campaign to steal classified military secrets in support of Pyongyang's banned nuclear weapons program, the United States, Britain and South Korea said in a joint advisory on Thursday.
It was co-authored by the US Federal Bureau of Investigation (FBI), the US National Security Agency (NSA) and cyber agencies, the UK's National Cyber Security Centre (NCSC) and South Korea's National Intelligence Service (NIS).
The North Korea-backed hackers, known as Anadriel or APT45 by cybersecurity researchers, have targeted or breached computer systems at a wide range of defense or engineering companies, including the makers of tanks, submarines, naval ships, fighter jets, missiles and radar systems, according to the joint advisory.
Andariel has been identified as an arm of Pyongyang's spy agency.
"The authoring agencies believe the group and the cyber techniques remain an ongoing threat to various industry sectors worldwide, including but not limited to entities in their respective countries, as well as in Japan and India," the advisory said.
"The global cyber espionage operation that we have exposed today shows the lengths that [North Korean] state-sponsored actors are willing to go to pursue their military and nuclear programs," said Paul Chichester at the NCSC, a part of Britain's GCHQ spy agency.
According to the FBI, Andariel has used software vulnerabilities to launch cyberattacks, including malware and phishing, to access sensitive data and information.
The FBI urged companies involved in defense, aerospace, nuclear and engineering sectors "to remain vigilant in defending their networks from North Korea-state-sponsored cyber operations."
The FBI said Andariel had been trying to obtain information such as specifications and design drawings for uranium processing and enrichment as well as missiles and missile defense systems.