The cybersecurity company FireEye says in a new report to private clients, obtained exclusively by NBC News, that hackers linked to North Korea recently targeted U.S. electric power companies with spearphishing emails.
The emails used fake invitations to a fundraiser to target victims, FireEye said. A victim who downloaded the invitation attached to the email would also be downloading malware into his or her computer network, according to the FireEye report. The company did not dispute NBC’s characterization of the report, but declined to comment.
There is no evidence that the hacking attempts were successful, but FireEye assessed that the targeting of electric utilities could be related to increasing tensions between the U.S. and North Korea, potentially foreshadowing a disruptive cyberattack.
“This is a signal that North Korea is a player in the cyber-intrusion field and it is growing in its ability to hurt us,” said C. Frank Figliuzzi, a former chief of counterintelligence at the FBI.
The FireEye report comes on the heels of an NBCNews.com report in August that U.S. intelligence officials are increasingly worried that North Korea will lash out against enhanced U.S. pressure by using its fearsome cyber capabilities to attack U.S. infrastructure. (Read more from “North Korea Targeted U.S. Electric Power Companies” HERE)