North Korea Fingered Again in Hacking ‘Revelations’
After the 4 July DDoS attacks, wrongly attributed to North Korea, it’s wise to treat reports of DPRK security hacks with some caution. Nevertheless, The Korea Times reports the following:
Classified Info on Dangerous Chemicals Hacked
Hackers stole classified information on dangerous chemicals in their raid on the South Korean army computer network in what was believed to be an attack by North Korea, Yonhap News Agency reported Saturday, quoting government officials.
The Chemicals Accident Response Information System, used by 589 South Korean government agencies including fire and police stations, was accessed by hackers on March 5. Hackers appear to have broken into the system using the ID of a South Korean army officer whose personal computer was infected by a virus, according to officials.
“We believe the hacker tapped into the system using the ID, withdrawing classified information of 1,350 dangerous chemicals,” an army official was quoted as saying by Yonhap. “The government believes North Korea could be behind the hacking. We are continuing our investigation.”
The revelation comes less than three months after cyber attacks severely slowed or disrupted dozens of South Korean government and business Web sites, including those of the presidential office and ministries of defense and foreign affairs. Rumors were rampant then that North Korean hackers orchestrated the attacks, although they have yet to be substantiated.
“We are trying to find out exactly how much information has been withdrawn,” another unnamed official at Seoul’s Environment Ministry was quoted as saying, adding the government has asked organizations dealing with the chemicals to tighten security.
Unnamed intelligence sources in Seoul said in May that North Korea operates a cyber warfare unit that seeks to disrupt South Korean and U.S. military networks and visits U.S. military sites more frequently than any other country.
South Korea and the U.S. signed a memorandum of understanding on April 30 to bolster cooperation in fighting cyber terrorism against their defense networks.
The Sydney Morning Herald adds more information:
A North Korea cyber warfare unit hacked into a South Korean military command earlier this year and stole some 2,000 national secrets, including information on toxic chemical makers, a news report said Saturday.
The North Korean unit hacked the army command in March and obtained its password for a database on how to respond to chemical accidents, Chosun Ilbo newspaper reported.
The report said the National Institute of Environmental Research, which set up the database, cut off its Internet link to the army command a day after the attack after being tipped off by South Korea’s spy agency.
The state-run research agency said some 2,000 secrets, including information on about 700 local toxic chemical manufacturers, appeared to have been leaked, according to the newspaper.
The newspaper cited the November edition of its sister company’s magazine, Monthly Chosun, noting the magazine obtained the information from the prime minister’s office.
South Korea’s spy agency, the National Intelligence Service, declined to comment, citing national security reasons. Calls to the prime minister’s office, the Defense Ministry and the National Institute of Environmental Research seeking comment went unanswered Saturday.
A separate news report said the password was leaked when an army colonel’s computer became infected with a virus while visiting an Internet portal site. The Yonhap news agency, citing an unidentified military official, said the South does not rule out the possibility of North Korea’s involvement in the hacking attack.
