Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

North Korean Hackers Steal Defense Files from South

North Korean hackers managed to steal thousands of records from private firms and state agencies in the South including defense industry information and files from Korean Air, Seoul police said Monday.

North Korean hackers managed to steal thousands of records from private firms and state agencies in the South including defense industry information and files from Korean Air, Seoul police said Monday.

The hacking originated from 16 servers based in the North’s capital Pyongyang, police said, adding the North had stolen more than 42,000 internal records.

The North gained access to the internal systems of the firms and agencies at some point after hacking in 2014 into computer management software developed by a Seoul IT firm, according to the police.

North Korea Cyber Attacks

The breach was discovered earlier this year.

The hackers also planted 33 types of malicious code into the computers in an apparent bid to use them as “zombie” machines to launch future cyberattacks on other organizations in the South, it said.

The companies that were hacked include South Korea’s flagship air carrier Korean Air and SK Networks, a sister company of South Korea’s top wireless operator, SK Telecom, Yonhap news agency said.

“We worked with the organizations that were targeted to recover the lost records and fortify their computer security to prevent further infiltration,” the police said in a statement.

Some of the stolen records however contained information about the defense industry or network data essential to stage cyberattacks, it added.

Advertisement. Scroll to continue reading.

The records include designs of military aircraft and Internet facilities at South Korean army barracks, according to the Yonhap.

Police added that some of the 16 servers in Pyongyang had the same IP addresses as those that had staged a crippling cyberattack on Seoul’s banks and TV broadcasters in 2013.

Seoul has in recent years blamed the North’s hackers for a series of cyberattacks on military institutions, banks, state agencies, TV broadcasters, media websites and a nuclear power plant.

The attack in March 2013 left the websites and tens of thousands of computers at several TV stations and banks paralyzed for hours.

Pyongyang has angrily denied involvement in the attacks and accused Seoul of spreading fabrications aimed at slandering its leader.

The North operates an army of more than 1,000 hackers who stage hacking or cyberattacks targeting Seoul’s major institutions or key officials, according to the South’s spy agency.

Related ReadingSouth Korea Says North Hacked Phones of Key Officials

Related Reading: South Korea Accuses North of Cyber-attacks on Nuclear Plants

Related Reading: South Korea Nuclear Plants Stage Drill Against Cyber Attack

Related Reading: South Korea’s ‘Top Gun’ Cyber Warriors

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn how to utilize tools, controls, and design models needed to properly secure cloud environments.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

Mobile security firm Zimperium has welcomed David Natker as its VP of Global Partners and Alliances.

CISA has appointed Jeff Greene as Executive Assistant Director for Cybersecurity and Trent Frazier as Assistant Director for Stakeholder Engagement.

David Chétrit has been appointed the CEO of Kudelski Security.

More People On The Move

Expert Insights