Reuters
SEOUL—A suspected North Korean cyberattack on Turkish banks last month is broader in scope than originally believed, and has expanded to a global data-theft campaign targeting nations including the U.S. and Australia, according to a new cybersecurity analysis.
The hacking campaign, identified as Operation GhostSecret by cyber researcher McAfee LLC, now spans 17 countries and many industries. The attacks highlight how hackers linked to Pyongyang have evolved beyond their traditional focus on military secrets and cyber provocations.
From roughly March 14 to March 26, suspected Pyongyang-linked hackers sought to obtain sensitive information from a variety of industries: critical infrastructure, telecommunications, health care, higher education and others. McAfee, which released the report on Wednesday, didn’t name the affected organizations but said most of the attacks were in the Asia-Pacific region.
The cyberoffensive remains active, McAfee said. As with nearly all digital assaults, it is difficult to know exactly what was taken. But hackers prying into compromised computers could delete files, steal data or study networks for weaknesses that inform future strikes.