From
Send to

Military info leaked in N. Korea's cyberattack: Seoul policy

June 13, 2016 - 15:13 By 임정요

South Korean police said Monday North Korea had penetrated into the internal networks of the affiliates of two local conglomerates and stole and subsequently deleted some 42,000 documents, including some containing military information.

According to the National Police Agency (NPA), in July 2014 the North started hacking the networks of South Korean telecoms giant SK Group and the Hanjin Group which has the country's top flag carrier Korean Air Lines Co. under its wing. Korean Air makes parts for military jets.

The network, developed by a private firm, allows its operators to remotely control computers en bloc. Over 160 major companies and government organizations use the system, police said.

Among some 42,608 documents suspected to have been compromised, the design map of the wing of the U.S. F-15 fighter jet and photos of parts of a medium altitude unmanned surveillance vehicle were included, police said.

Still, no major information which could pose a direct threat to South Korea's security was included, according to police.

The Internet Protocol address -- the online equivalent of a street address -- that launched the attack was traced to Pyongyang, police said, wrapping up their months-long investigation. It was identical to the one that launched attacks against local media and financial organizations in March 2013.

Police said they began the probe after receiving tips on malicious code suspected to have been distributed by the North in February.

North Korea has a track record of waging cyberattacks on South Korea and the United States in recent years, though it has consistently denied any involvement.

"North Korea seems to be engaged in some sort of long-term preparation to launch a nationwide cyberattack (on the South)," a police officer said. "It kept trying to get into organizations even when it secured access to effectively launch attacks on some of the conglomerates' affiliates." (Yonhap)