Security Experts:

Connect with us

Hi, what are you looking for?



South Korea Accuses North of Cyber-attacks on Nuclear Plants

South Korea Nuclear Facility

South Korea Nuclear Facility

South Korea’s government accused North Korea Tuesday of carrying out cyber-attacks last December on its nuclear power plant operator, describing them as a provocation which threatened people’s lives and safety.

“We condemn North Korea’s persistent cyber-terror targeting our country and the international community,” the unification ministry said after investigators concluded the North was behind the attacks.

“It’s a clear provocation against our security,” the ministry said in a statement, accusing Pyongyang of “taking the life and safety of our people as a hostage”.

Tensions between the neighbors are running high after the South this month held joint military drills with the United States, which the North has condemned as provocative rehearsals for invasion.

Last December hackers published designs, manuals and other information about South Korean reactors on Twitter, along with personal information about workers at their operating company, Korea Hydro and Nuclear Power (KHNP).

The leaks prompted the South to heighten cyber-security and form an investigation team involving experts, government officials and state prosecutors.

The team on Tuesday said the hackers intended to cause a malfunction at atomic reactors, but failed to break into their control system.

It said malicious codes used in the cyber-attacks were similar to those which North Korean hackers have employed before.

“We’ve reached the conclusion that the crime was committed by a group of North Korean hackers seeking to stir up social unrest and agitation in our country,” the investigators said in a statement.

They said the hackers used multiple Internet protocol addresses based in China to send some 6,000 “phishing” emails to over 3,570 former and current KHNP workers to steal the data.

‘Social chaos’

KHNP officials have said the 23 nuclear reactors, which supply about 30 percent of the country’s electricity, were safe because their control system was separated from external networks.

They also said the material leaked by the hackers was not classified and did not affect safety.

Seoul has blamed North Korean hackers for a series of cyber-attacks on military institutions, banks, government agencies, TV broadcasters and media websites in recent years.

The United States also said the North was behind a cyber-attack which damaged the computer network of Sony’s Hollywood film unit over its controversial North Korea-themed satirical film “The Interview” last year.

Pyongyang denied involvement in the Sony hack but strongly condemned the film, which features a fictional plot to assassinate leader Kim Jong-Un.

South Korea’s unification ministry on Tuesday blasted Pyongyang for seeking to throw South Korea into “social chaos” with cyber-attacks on its crucial infrastructure.

North Korea has become increasingly bellicose in recent weeks ahead of large-scale joint military drills between the US and South Korea. One of the joint drills, Key Resolve, wound up last week, while the other, Foal Eagle, is set to continue until April 24.

The exercises are always a particularly testing time for relations between the two Koreas, who remain technically at war because the 1950-53 Korean conflict ended with a ceasefire, rather than a peace treaty.

North Korea displayed displeasure when this year’s drills began by firing two short-range missiles into the sea off its east coast. Last week it fired another seven surface-to-air missiles into the sea.

RelatedRegister Your Interest For the 2015 ICS Cyber Security Conference

RelatedSouth Korea Nuclear Plants Stage Drill Against Cyber Attack

RelatedSouth Korea’s ‘Top Gun’ Cyber Warriors

RelatedCyberattack on German Steel Plant Caused Significant Damage

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content


Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...


The overall effect of current global geopolitical conditions is that nation states have a greater incentive to target the ICS/OT of critical industries, while...


The North Korean APT tracked as TA444 is either moonlighting from its previous primary purpose, expanding its attack repertoire, or is being impersonated by...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...


Cybersecurity firm Forescout shows how various ICS vulnerabilities can be chained for an exploit that allows hackers to cause damage to a bridge.


Otorio has released a free tool that organizations can use to detect and address issues related to DCOM authentication.


More than 1,300 ICS vulnerabilities were discovered in 2022, including nearly 1,000 that have a high or critical severity rating.