North Korea is suspected of having launched a cyber attack last year on the South Korean capital’s subway system that carries millions of commuters every day, a Seoul lawmaker said Monday, citing intelligence reports.
The attack, staged between March and August 2014, affected several servers of Seoul Metro, which runs four major subway lines, ruling party legislator Ha Tae-Kyung said.
Nearly 60 employee computers were infected by malware, Ha said. After analyzing the hacking records, the National Intelligence Service (NIS) found that the malware codes were similar to those North Korean hackers have employed before, he added.
A Seoul Metro spokesman confirmed the hack, but stressed that computers used for the direct operation of subway lines were not compromised.
“There were data and information leaks, but none related to direct operations,” the spokesman said. “We still don’t know who was behind the attack,” he added.
Seoul’s subway network is one of the busiest in the world, carrying around 5.25 million passengers a day. South Korea has blamed North Korean hackers for a series of cyber attacks on military institutions, banks, government agencies, TV broadcasters and media websites in recent years.
Last December Seoul accused Pyongyang of launching a cyber attack on South Korea’s nuclear power plant operator. Pyongyang denied any involvement and accused Seoul of fabricating the incident.
South Korea has strengthened Internet security since it set up a special cyber command in 2010, amid growing concern over its vulnerability.
The South’s defense ministry believes North Korea runs an elite cyber warfare unit with up to 6,000 personnel, and regards its ability to launch hacking attacks as a major security threat.
Related: Register the 2015 ICS Cyber Security Conference
Related: South Korea Nuclear Plants Stage Drill Against Cyber Attack
Related: South Korea’s ‘Top Gun’ Cyber Warriors