North Korean hackers targeted Russia’s top missile maker

Russian Defense Minister Sergei Shoigu visited Pyongyang, North Korea in 2022 as part of an anniversary celebration for the 1950-1953 Korean War. He had no idea that Kim Jong Un’s regime was actively hacking into his country’s most sensitive missile technology at the same time. In fact, North Korean hackers had been at it for months. 

Admittedly, Russia was pretty distracted by its ongoing war in Ukraine, but that should have put NPO Mashinostroyeniya, the missile design firm based in a Moscow suburb, on high alert. In August 2023, it was revealed Russian cybersecurity analysts had discovered that North Korea-linked hacking groups planted a digital backdoor into the company’s systems, giving them untold access. 

In the months since the illegal hack, North Korea has announced several breakthroughs in its ballistic missile programs, but Russia will not confirm if those breakthroughs are the result of stolen Russian missile technology. The only thing anyone knows for certain is that Pyongyang is willing to cyberattack its own friends to advance its own interests. 

The break in is particularly distressing for the West because NPO Mashinostroyeniya was a leading pioneer in the development of Russia’s hypersonic missile systems, which have a range of 1,000 kilometers, travel at Mach 6 and are invisible to ballistic missile tracking systems, even as they penetrate missile defense shields. The company also develops satellite technology and advanced ballistic missiles. 

It’s a well-known fact that North Korea has long sought an intercontinental ballistic missile that was capable of reaching the mainland United States. The company also led the development of Soviet cruise missiles and rockets for the Russian space program. It’s not known what exactly North Korea’s hackers stole or looked at during the months they had access to NPO Mashinostroyeniya’s computer systems. 

Neither Russia, North Korea, nor NPO Mashinostroyeniya has commented on the breach, North Korea’s missile advances, or anything related to hacking programs or cybersecurity. 

The hacks began in late 2021 and had unfettered access to the company’s computer systems until May 2022, when its IT engineers discovered North Korea’s backdoor software, according to Reuters. The hackers could read company emails, access its networks and even remove data. An IT engineer at the company leaked the evidence of the hack onto a website used by cybersecurity experts around the world. 

NPO Mashinostroyeniya created, among other weapons, the 3M22 Zircon hypersonic missile, capable of traveling nine times the speed of sound. That information may now be in the hands of North Korean scientists, and there’s no way to know if they could develop the same technology and how fast they might be able to do it. 

The company also has solid fuel technology for ballistic missiles, tech that would allow North Korea to deploy its missile systems much faster in the event of a conflict, since it wouldn’t have to fuel its missiles with liquid fuel on the launchpad. It would also make the missiles and their launchers harder to find and destroy before they could be fired. 

Experts in missile technology believe the solid fuel technology is the most likely information it wanted to steal for short-term gain. Sure enough, North Korea launched its first solid fuel missile in July 2023. A North Korean hypersonic missile would take much more time and effort, but North Korea is a rogue state, determined on maintaining a missile deterrent to keep Kim Jong Un in power.