South Korea suspects North Korea of hacking its military cyber command center last month after officials found malicious code in the system that resulted in the theft of confidential military documents, according to a Yonhap News Agency report on Tuesday.
It seems the intranet server of the cyber command has been contaminated with malware. We found that some military documents, including confidential information, have been hacked.
South Korea's cyber command said it isolated the affected server from the rest of the network to prevent further damage from viruses, but it hasn't yet determined how much data was leaked.
It is unclear how the virus got into the system, but its target was a "vaccine routing server" used by the military cyber command.
The vaccine routing server was installed to provide extra security to military computers connected to the Internet. Yonhap News quoted Kim Jin-pyo, a member of the country's national defense committee:
“A malicious code was identified and it appears to have taken advantage of the vulnerability of the routing server,” he said. “In a cautious measure, the server has been separated from the network.”
News about the breach first came out back in September, when South Korean lawmaker Kim Jin-pyo revealed that malicious code had exploited a vulnerability in the military's routing server. He said the chances of the infiltrators stealing confidential info are "very low," since the command's computers use an intranet that's not connected to that server. Based on this new info, that wasn't the case, though South Korean authorities still aren't sure which of their confidential documents the hackers got hold of.
North Korea is known to have thousands of staff ready to perform cyber warfare. The NSA believes it was responsible for attacking Sony Entertainment's computers in 2014, which led to a massive info dump and an unedited film ending up online. In June, reports came out that the country had stolen US jet blueprints. South Korea also blamed a recent cyber attack that damaged the phones of security officers on the North.
You shouldn't be surprised if North Korea is found to be the culprit behind this attack. The South has blamed the North several times for conducting cyber operations against its servers. Last year, the North pointed its finger at the South for hacking its nuclear plant and subway system.
Image credit: DEVIANTART/DEATHD0G101