North Korea Hacked 140,000 Computers in Cyber War Prep

North Korea has hacked into more than 140,000 computers belonging to 160 South Korean companies and government organizations, Seoul officials have announced. The hack was part of a long-term plan by the North to launch a huge cyber-attack on its neighbor.

The hack began back in 2014 but wasn’t detected until February of this year, Reuters said. The attackers targeted a vulnerability in network management software that is widely used in South Korea. The South’s cyber investigation unit told Reuters it had neutralized the malware before it could be used in a large-scale attack.

“There is a high possibility that the North aimed to cause confusion on a national scale by launching a simultaneous attack after securing many targets of cyber terror, or intended to continuously steal industrial and military secrets,” an official at the cyber investigation unit told Reuters.

Some 42,000 documents were stolen before the malware was detected, with 40,000 of those being defense-related. This included blueprints for the wings of F-15 fighter jets.

Korean Air Lines and SK Holdings, two companies named by South Korean media as victims of the hack, said the stolen documents were not classified, and a South Korean official added that none of the defense-related documents were top secret.

According to The Wall Street Journal, the IP address used by the hackers was traced to North Korea’s capital Pyongyang, and was the same one used in a 2013 attack that targeted South Korean banks and TV stations. North Korea has denied involvement.

The reclusive North has stepped up its hacking efforts over recent years. The infamous Sony hack of 2014 was allegedly the work of North Korea hackers, and as well as the 2013 attack on banks and TV stations, North Korea has been accused of running a spyware campaign against South Korean organizations.

It was also recently revealed that the North has been increasing its cyber-attacks on the South. An official at South Korea’s spy agency said that over the previous month attacks originating from North Korea had doubled. Targets included the railway control system, networks belonging to financial institutions and smartphones belonging to over 300 officials.

What’s Hot on Infosecurity Magazine?