This Article is From Nov 08, 2019

North Korean Hackers May have Targeted ISRO During Moon Mission: Report

The ISRO was one of five government agencies to come under their attack, said the report, adding that officials denied that the attack impacted the Moon mission.

North Korean Hackers May have Targeted ISRO During Moon Mission: Report

ISRO officials denied that the attack impacted the Moon mission.

London:

At the time the Indian Space Research Organisation (ISRO) was trying to land Chandrayaan 2 spacecraft's Vikram lander on the Moon, suspected North Korean hackers might have attacked the space agency, the Daily Mail reported on Friday.

The ISRO was one of five government agencies to come under their attack, said the report, adding that officials denied that the attack impacted the Moon mission.

Employees are feared to have accidentally installed malware on to their systems after opening phishing emails from North Korean spammers.

According to a report in the Financial Times, ISRO was warned of the cyber attack during the Chandrayaan-2 moon mission in September.

Experts believe the attack was conducted using DTrack, a type of malware linked to the Lazarus group which is believed by the US authorities to be controlled by the North Korean government.

According to cybersecurity firm Kaspersky, the malware has been detected in financial institutions and research centres in 18 Indian states.

The reports on cyber-attack on ISRO came after the Nuclear Power Corporation of India (NPCIL) last week confirmed the presence of malware in its system at the Kudankulam nuclear plant, which has been traced to North Korea's DTrack.

In a press statement, the NPCIL said "identification of malware in NPCIL system was correct" but added that the "infected PC" belonged to a user "who was connected in the internet connected network used for administrative purposes".

It said the infected PC "has been isolated from the critical internal network" and that the "networks are being continuously monitored".

Explaining about Dtrack, Kaspersky's Security Researcher Konstantin Zykov, in a recent event in Delhi, had said: "The large amount of Dtrack samples we found demonstrated that Lazarus is one of the most active APT (Advanced Persistent Threat) groups, constantly developing and evolving threats in a bid to affect large-scale industries and seeking to evade detection."

"Their successful execution of Dtrack RAT proves that even when a threat seems to disappear, it can be resurrected in a different guise to attack new targets."

ISRO lost contact with its Vikram lander during the last stage of the Moon landing operation on September 7, minutes before it was due to land near the South Pole of the Moon.



(Except for the headline, this story has not been edited by NDTV staff and is published from a syndicated feed.)
.