N.Korea hackers stole S.Korea-US military plans
NORTH Korean hackers stole a large amount of classified military documents, including South Korea-US wartime operational plans to wipe out the North Korean leadership, a South Korean ruling party lawmaker said on Wednesday. Democratic Party representative Rhee Cheol-hee said in radio appearances on Wednesday that 235 gigabytes of military documents were taken from the Defence Integrated Data Centre in September last year, citing information from unidentified South Korean defence officials.
An investigative team inside the defence ministry announced in May the hack had been carried out by North Korea, but did not disclose what kind of information had been taken.
Pyongyang has denied responsibility in its state media for the cyber attacks, criticising Seoul for “fabricating” claims about online attacks.
Separately on Wednesday, cyber security firm FireEye said in a statement North Korea-affiliated agents were detected attempting to phish US electric companies via emails sent in mid-September, although these attempts did not lead to a disruption in the power supply.
It did not specify when the attempts had been detected or clarify which companies had been affected.
SIMPLE MISTAKE Rhee, currently a member of the National Assembly’s committee for national defence, said about 80 percent of the hacked data had not yet been identified, but that none of the information was expected to have compromised the South Korean military because it was not top classified intelligence.
Some of the hacked data addressed how to identify movements of members of the North Korean leadership, how to seal off their hiding locations, and attack from the air before eliminating them, the lawmaker had said.
Rhee said on Wednesday the hack had been made possible by “a simple mistake” after a connector jack linking the military’s intranet to the internet had not been eliminated after maintenance work had been done on the system.
The South Korean Defence Ministry’s official stance is that they cannot confirm anything the lawmaker said about the hacked content due to the sensitivity of the matter.
FireEye said the phishing attack on the electric companies detected was “early-stage reconnaissance” and did not indicate North Korea was about to stage an “imminent, disruptive” cyber attack. The North has been suspected of carrying out similar cyber attacks on South Korean electric utilities, in addition to other government and financial institutions.
Those attempts were likely aimed at creating a means of “deterring potential war or sowing disorder during a time of armed conflict”, FireEye said.
“North Korea linked hackers are among the most prolific nation-state threats, targeting not only the US and South Korea but the global financial system and nations worldwide,” its statement said.
“Their motivations vary from economic enrichment to traditional espionage to sabotage, but all share the hallmark of an ascendant cyber power willing to violate international norms with little regard for potential blowback,” it said. – Reuters
In this September 17 file photo, a US Air Force B-1B bomber drops a bomb as it flies over the Korean Peninsula during joint drills, South Korea.