Russian Rocket Bureau Faces Cyber-Espionage Breach, North Korea Responsible

Whether or not North Korea used information gathered from its cyber-espionage teams in this breach to build up its own military technology is unknown.

Dark Reading Staff, Dark Reading

August 8, 2023

1 Min Read
image of cracked North Korean and Russian flags joined together.
Source: Daniren via Alamy Stock Photo

Researchers believe North Korean hackers were able to breach major Russian missile developer networks over a period of at least five months last year.

Cyber-espionage teams linked to the North Korean government — known as ScarCruft and Lazarus — secretly installed digital backdoors into the systems at a rocket design bureau. The bureau, NPO Mashinostroyeniya, is located in Reutov, a town located just outside of Moscow. NPO Mashinostroyeniya is a sanctioned entity that "possesses confidential intellectual property on sensitive missile technology currently in use and under development for the Russian military," said SentinelLabs researchers in their report.

According to Reuters, missile experts say that NPO Mashinostroyeniya "has acted as a pioneer developer of hypersonic missiles, satellite technologies, and newer generation ballistic armaments," which are all strong areas of interest to North Korea and its missile programs.

It is currently unknown if data was stolen or what information may have been viewed by cyber-espionage teams; however, experts say that this incident shows how far isolated countries will go to acquire advanced technologies — even if it means turning their backs on allies.

Just months after the initial "digital break-in," officials in Pyongyang — the capital of North Korea — announced that significant developments had been made in the country's banned ballistic missile program. Whether or not those developments were due to possible information gleaned from the breach is unknown.

NPO Mashinostroyeniya, the Russian embassy in Washington, and North Korea's mission to the United Nations (UN) in New York have not made public comments regarding the breach.

About the Author

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights