Lazarus Group Targets European Drone Manufacturers in Espionage Campaign
The Lazarus Group, a North Korean cybercrime organization, has intensified its espionage efforts against European drone manufacturers. This campaign aims to obtain sensitive technological information, raising concerns about cybersecurity.
Key facts
- Lazarus Group targets European drone manufacturers for sensitive tech data.
- Cyber tactics include phishing and malware to breach security.
- Experts urge enhanced cybersecurity measures in the defense sector.
North Korea’s Lazarus Group is seeking European drone know-how to compress research timelines and bypass export controls. The likely targets include design files, flight control software and test data, along with supplier credentials that enable access to production networks. Successful theft would narrow Europe’s qualitative edge in autonomy, electronic warfare resilience and mission software, weakening the technological backbone of NATO’s deterrence posture.
The campaign underscores a persistent pressure that sits below traditional thresholds for response. Prime contractors have raised defenses, but smaller suppliers remain exposed, which creates systemic risk across the supply chain. Policymakers should treat unmanned systems and their software stacks as critical infrastructure, aligning oversight, incident reporting and resourcing accordingly. Swift execution of NIS2 and the Cyber Resilience Act must be paired with defense-specific baselines for secure development, vulnerability disclosure and software bill of materials across the drone ecosystem.
Manufacturers should prioritise phishing-resistant authentication, tight privileged access controls, segmentation between IT and OT, and isolated engineering environments for CAD and firmware with strict data loss prevention. Continuous monitoring, threat hunting and red teaming should become standard contract requirements. Governments can accelerate uplift through targeted grants, pooled managed security services for SMEs and mandatory compromise reporting to national CSIRTs, CERT-EU and NATO channels to convert single intrusions into sector-wide warning.
At the strategic level, the EU and allies should combine export control vigilance with coordinated law enforcement and sanctions actions that disrupt DPRK operators, infrastructure and monetisation pipelines. Intelligence sharing through ENISA, the EU Defence Agency and NATO’s CCDCOE can close detection gaps and raise costs for adversaries. Public procurement should reward suppliers that can demonstrate zero-trust progress and verified secure development practices.
Europe’s defence edge will rely on protecting software and intellectual property as much as platforms.