The prosecution and police have embarked on a full-fledged inrestigation into the alleged hacker attacks on the state-controlled nuclear reactor operator and some data leaks.
The two investigative agencies have been put on emergency alert as the suspect has threatened to publicize more data held by the Korea Hydro & Nuclear Power Co. on the Internet if the government does not close down three of Korea’s 23 reactors by Dec. 25.
In the wake of the data leaks, making public some internal information of the KHNP and issuing threats four times since Dec. 15, the prosecution said Monday that it would seek coordination with U.S. investigators.
Its move for probe coordination came as local investigators recently found that the suspect Twitter account had been registered in the United States.
In a Twitter posting in Korean on Dec. 21, the suspect claimed to be “the chief of an anti-reactor entity from Hawaii, (nicknamed) U.S. Nuclear.”
Investigators also rule out the possibility that the data sourcing was committed by North Korea or a hacker in South Korea. Though the authorities traced the Internet protocol addresses used to Daegu, it failed to capture the suspect.
Some cybersecurity experts say the leaks at the KHNP showed similarities with the hacker attacks on major broadcasting companies and financial firms including KBS and Shinhan Bank in March 2013. The prosecution has said that the 2013 incident was thought to have been committed by North Korean online attackers.
Aside from the tweet, the suspect (or a group of hackers) submitted posts between Dec. 15 and Dec. 21 on websites such as Naver and Nate and unidentified personal blogs. Investigators alleged that the hacker was trying to disguise his or her location to hamper the IP address chase.
The suspect first publicized personal profiles of some of the 10,799 employees of the reactor operator KHNP in blog postings on Dec. 15.
The cybercriminal later posted internal information on the nuclear reactors such as floor plans on Dec. 18 and 19 on Twitter, demanding the shutdown of Kori reactor units 1 and 3 and Wolseong reactor unit 3 for three months from Dec. 25.
In the latest post on Sunday, the suspect made public the designs and manuals of Kori reactor unit 2 and Wolsong reactor unit 1, taken from the KHNP. Among the leaked information were details on the reactors’ air conditioning and cooling systems.
The alleged hacker said that 100,000 additional pages of data from the reactor operator would be disclosed to the public unless the government shuts down Kori-1, 3 and Wolsong-2 nuclear reactors by Christmas Day.
“I could talk with you about handing over the data I’ve got, in New York or Seoul, after the reactors are closed down. (For negotiation), you have to guarantee my personal protection and pay some money,” the suspect wrote in a Dec. 21 posting.
![[KH Explains] Will 6-day workweek for executives help Samsung avert crisis?](http://res.heraldm.com/phpwas/restmb_idxmake.php?idx=645&simg=/content/image/2024/04/21/20240421050096_0.jpg&u=20240421164408)
![[AtoZ into Korean mind] Humor in Korea: Navigating the line between what's funny and not](http://res.heraldm.com/phpwas/restmb_idxmake.php?idx=645&simg=/content/image/2024/04/22/20240422050642_0.jpg&u=)
