Seoul (October 11, 2017): North Korean hackers allegedly stole classified military documents from a South Korean Defense Ministry database in September 2016, according to Rhee Cheol-hee, a member of South Korea’s National Assembly.
Rhee, who belongs to the ruling Democratic Party and sits on the Defense Committee has said that he received information about the alleged hacking from the Defense Ministry.
He said the documents stolen included the South Korea-US wartime operational plan and a document that includes procedures to “decapitate” the North Korean leadership. About 235 gigabytes worth of military data was stolen by the hackers, Rhee said.The Pentagon declined to comment specifically on reports of the potential breach, but spokesman Col. Robert Manning said on Tuesday that the US is “confident in the security of our operations plans and our ability to deal with any threat from North Korea.”
“The operations plan that they are referring to is a bilateral plan, so the Republic of Korea-US alliance remains steadfast in their commitment to make sure they safeguard that information and ensure readiness on the Korean peninsula to counter any North Korean threats,” Manning said.
Details of the alleged 2016 hack emerged as President Donald Trump continues to imply that diplomatic efforts to rein in North Korea’s nuclear and missile programs through negotiations have proven to be ineffective.The US and South Korea have been aware of North Korea’s bold hacking operations for several years, linking Pyongyang to a series of sophisticated cyberattacks.
In 2013, when South Korea’s banks and broadcasters were attacked, that government blamed its neighbor to the north. In 2014, the US government blamed North Korea for the the hack on Sony Pictures.
And in April, North Korea was linked to attacks on banks in 18 countries after researchers connected hackers to an operation known as “Lazarus,” according to a report from Russian cybersecurity firm Kaspersky.
The stolen money was likely used to help advance North Korea’s development of nuclear weapons, Anthony Ruggiero, a senior fellow for Foundation for Defense of Democracies, said at the time.
To hide their location, hackers typically launch cyberattacks from computer servers far from home. According to Kaspersky, the Lazarus hackers carefully routed their signal through France, South Korea and Taiwan to set up that attack server. But there was apparently one mistake spotted by Kaspersky: A connection that briefly came from North Korea.
Kaspersky is one of the world’s top cybersecurity firms, providing popular anti-malware protection to computers at homes and companies worldwide. Its researchers are known for exposing some of the most complex global hacking operations.