South Korean lawmakers have claimed that hackers from that other Korea broke (electronically) into the South Korean Defense Ministry and stole large amounts of information – including a plan to assassinate North Korean leader Kim Jong-un and several of his top lieutenants.
Rhee Cheol-hee, a member of the Democratic Party of Korea – the ruling party of South Korean President Moon Jae-in – and a member of the National Assembly who sits on the Defense Committee, broke the story. He said the 235 gigabytes of information was stolen in September 2016, and the government has yet to identify 80 percent of what’s actually been compromised.
In total, 3,200 computers were hacked. Seven hundred of them were within the South Korean military intranet, not connected to other computers. One computer affected was used by then-Defense Minister Han Min-goo. The hack came from an IP address in Shenyang, a city in northeastern China about 150 miles from the North Korean border, that is often accused of acting as an operating ground for North Korean hackers.
South Korea’s ambitions to take out Kim are no secret. In September, South Korean Defense Minister Song Young Moo publicly confirmed the existence of a special forces brigade, dubbed “Spartan 3000,” with the sole objective of “decapitating” Pyongyang with a surgical strike against Kim and his top deputies.
Also stolen was a wartime emergency plan for South Korea prepared by Seoul with assistance from Washington. It included analysis of the readiness of institutions like South Korean special forces, the national energy grid and military bases for full-blown war on the Korean Peninsula.
North Korea denied the allegation when South Korean legislators first asserted that a massive hack had taken place back in May 2017. The South Korean Defense Ministry has yet to comment on Rhee’s report. It isn’t clear how much damage the hack did to South Korea’s military strength or combat readiness.
Though cyber-warfare isn’t new in the never-ending tensions on the Korean Peninsula, in recent years the conflict has increasingly taken to cyberspace. For example, in 2010, the United States broke into the computer systems of North Korea’s foreign intelligence agency, the Reconnaissance General Bureau.
South Korean intelligence estimates that 1,700 state-sponsored hackers work for Pyongyang. Most hack attacks traced back to this group are financial in nature and not directed at stealing state secrets. In July 2017, South Korea’s Financial Security Institute (FSI) issued a report claiming that North Korea is the backer of the hacking group Lazarus, which has been connected by numerous cybersecurity firms as well as the US government to high-profile hack attacks.
These include the $81 million cyber heist from Bangladesh’s central bank in 2016 as well as the cyberattack against Sony Pictures in 2014 in retaliation for the studio’s distribution of “The Interview,” a comedy about an assassination attempt against Kim.