Crisis Management for a Conflict with North Korea
This is the best North Korea conflict crisis support available today. Predict, plan, build, prepare, train, and test in the right way.
CJ Group digital certificate misused in cyberattack linked to North Korea
Joongang Ilbo | English | News | May 9, 2025 | Cyber Attacks and Data Loss
A digital certificate issued to CJ OliveNetworks, the IT division of Korea's CJ Group, was leaked and misused in a cyberattack associated with North Korea. Cybersecurity officials reported that investigators discovered a malicious file containing a digital signature from CJ OliveNetworks, indicating that hackers had stolen and exploited the company's certificate, which is typically used to authenticate software and its creators.
The cyberattack was linked to the Kimsuky hacking group, a known North Korean cyberespionage unit. Evidence presented by RedDrip Team, a Chinese cybersecurity firm, revealed that Kimsuky utilized the stolen certificate in an attempt to launch a cyberattack on the Korea Institute of Machinery and Materials, a national research institution. In response to the breach, CJ OliveNetworks confirmed that the certificate, meant for software development and distribution, was immediately revoked and is no longer valid.
CJ OliveNetworks plays a crucial role in developing and managing IT infrastructure for major CJ affiliates, including CJ Logistics and CJ ENM. The company also provides business-to-business solutions like smart factory systems and logistics automation, catering to manufacturing clients both domestically and internationally.