South Korea Says North Korea Hacked Its Computers And Deleted Over 42,000 Documents
South Korean police on Monday confirmed that North Korea has hacked into several of its computer networks.
According to Yonhap, the South Korean news agency, North Korea has penetrated two South Korean conglomerates — SK Group and Hanjin Group — and has deleted over 42,000 documents, including the ones that contained classified and sensitive military data.
According to the National Police Agency (NPA), North Korea started hacking the networks of South Korean telecoms company SK Group and the Hanjin Group in July 2014.
Hanjin Group has Korean Air Lines Co. under its wing, which makes auto components for military jets.
South Korean police began the probe in February, when it received a tip-off on malicious code, allegedly distributed by North Korea.
“North Korea seems to be engaged in some sort of long-term preparation to launch a nationwide cyberattack (on the South). It kept trying to get into organizations even when it secured access to effectively launch attacks on some of the conglomerates’ affiliates,” a police officer told Yonhap.
In March, South Korea’s spy agency accused North Korean hackers of trying to penetrate its public transport system.
“North Korea has worked for years to develop the ability to disrupt or destroy computer systems that control public services such as telecommunications and other utilities,” a North Korean defector familiar with the effort told Reuters.
Interestingly, North Korea, which is under the dictatorship of Kim Jong-un, has allowed internet access to only select government officials and other elites. The rest of North Korea has a closed national network called the Kwangmyong, an intranet with state-approved information, according to the Washington Post. This selective access works well in fending off foreign cyberattacks in North Korea, according to a recent Reuters report.
Earlier, the FBI had blamed North Korea for the attack on Sony’s Hollywood studio, which produced The Interview. The movie, a comedy starring Seth Rogen and James Franco, revolves around the fictional assassination of North Korean dictator Kim Jong-un.
The Interview was initially pulled from theatrical release, but it was subsequently made available online and has become Sony’s highest-grossing digital release. In the movie, Kim Jong-un is portrayed as a Katy Perry fan with daddy issues.
At Fordham University’s international conference on cyber security last year, FBI director James Comey reiterated that the North Korean government was responsible for the massive computer hack on Sony Pictures.
“The hackers got sloppy and allowed their location to be identified on a number of occasions,” Comey said, according to a report by the Guardian.
North Korea, however, denied these allegations. No hard evidence has been found yet that has revealed the country’s involvement.
Coincidentally, a private cybersecurity firm, which investigated the hack, indicated that those responsible for the cyber attack could have been former Sony employees, while other studies have pointed the finger at Russian hackers.
“The problem with that one is that the Sony network was documented Swiss cheese,” Cris Thomas (aka Space Rogue in hacker circles), a strategist at Tenable Network Security, told Tech Insider.
“People have been in and out of the Sony network for the last decade. There’s a list of who hacked Sony when,” he said.
Comey, however, stood by FBI findings and stated that studies of GOP emails to Sony employees revealed the use of IP addresses in North Korea.
“The group had failed to use hacked third-party proxy servers several times, Comey said, allowing the FBI to track their locations,” the Guardian reports.
According to UPI, North Korean hackers have mainly used viruses to gain access to South Korean computers, turning individual PCs into “zombies” that could then be used to conduct distributed denial-of-service, or DDoS, attacks.
[Photo by Wong Maye-E/AP Images]
