South Korean police has said today that North Korea was behind cyber-attacks that started as early as July 2014 and breached two of the country’s telecom giants – the SK Group and the Hanjin Group – stealing over 42,000 documents. However, the intrusion was detected by the authorities only in March 2016. Of the more than 42,000 materials stolen, more than 40,000 were defence-related. The stolen documents included wing blueprints for an F-15 jet fighter taken from Korean Air Lines, a contract manufacturer for the South Korean military. “There is a high possibility that the North aimed to cause confusion on a national scale by launching a simultaneous attack after securing many targets of cyber terror, or intended to continuously steal industrial and military secrets,” the investigation unit said. However, a defence ministry official said that the stolen documents were not secret and that there was no security breach. A spokesperson at SK Holdings said that four group affiliates were affected by the hack. Declining to identify the software, police said the hacking originated from an IP address traced to the North Korean capital and targeted network management software that is commonly used by private companies and government agencies. The IP address was similar to the one used in a 2013 cyberattack against South Korean banks and broadcasters that froze computer systems for more than a week. South Korea blamed the North for that attack, and the North refused to accept any responsibility. Police said they worked with the companies and agencies that were affected to defuse the malicious codes and stop them from being used in a large-scale cyberattack. While North Korea has constantly denied any involvement in cyberattacks on its neighbor, South Korea has been on alert to ward off any cyberattack coming from North Korea, particularly after the country successfully tested a miniaturised hydrogen bomb in January 2016.
