Go to Contents Go to Navigation

(5th LD) N. Korea stole information from smartphones of S. Korean officials: spy agency

All News 22:41 March 08, 2016

(ATTN: UPDATES with more info in paras 5-10; Minor edits)

SEOUL, March 8 (Yonhap) -- North Korea has stolen information from the smartphones of South Korean officials, Seoul's spy agency said Tuesday, the latest in a series of cyberattacks against South Korea.

North Korean hackers sent text messages to about 50 major South Korean officials to try to lure them into following links to malicious software, the National Intelligence Service (NIS) said.

The intelligence agency said about a dozen smartphones belonging to them were eventually infected with malware between late February and early March, giving the hackers access to lists of phone conversations, along with the contents of text messages and phone conversations.

The security breach has also led to the leak of the phone numbers of other senior South Korean officials.

National Security Adviser Kim Kwan-jin, Foreign Minister Yun Byung-se and Defense Minister Han Min-koo were reportedly included on the hit list, but were not compromised. The NIS did not identify any officials whose smartphones were hacked.

According to officials, the North mainly targeted military officials. No damage from the presidential officials has been reported yet.

Later on Tuesday, defense ministry officials said North Korea is suspected of hacking into South Korea's defense ministry, shortly after the communist country carried out its fourth nuclear test in January.

Some documents were leaked after unidentified hackers broke into a dozen computers used at the Ministry of National Defense here between late January and early February. No classified military information has been exposed in the process, officials said.

The hacked computers were all for Internet use, separated from the military's intranet, according to the officials.

The ministry officials said they are investigating the details of the incident and have not ruled out the possibility of North Korea's involvement.

The latest cyberattacks came amid heightened tensions on the Korean Peninsula following Pyongyang's nuclear test and long-range rocket launch earlier this year.

South Korea and the U.S. began the largest-ever annual military drill on Monday in the latest show of force against North Korea. In response, North Korea threatened to counter with a preemptive attack.

The hacking attacks also came as President Park Geun-hye has called on the parliament to endorse a bill meant to prevent cyber terrorism.

The NIS asked the relevant ministries to maintain readiness to cope with North Korea's cyberattacks, noting it has detected signs that North Korea could be preparing a massive cyberattack.

The NIS also said it confirmed last month that North Korean hackers controlled the internal computer network of a South Korean firm whose security software is used by more than 20 million South Koreans for financial transactions on the Internet.

The security breach could potentially pose a threat to South Koreans who rely on the Internet for banking and credit card transactions.

Still, the NIS said no ordinary South Koreans were affected and that joint security measures were taken with the company to deal with the attack. It said the damage was restricted to the company's server.

It also said North Korean hackers made a failed attempt to steal the email accounts and passwords of employees of two South Korea's regional rail operators in January and February, though it declined to say whether rail operators are operators of subways or regular trains.

South Korea runs subways in Seoul and five other major cities -- Busan, Daegu, Incheon, Daejeon and Gwangju.

The intelligence agency believes that the hacking may have been an attempt by the North to stage a cyberattack against the control tower of South Korea's rail system.

Last year, North Korea turned 60,000 computers into zombies, which could be used for its cyberattacks. In January alone, North Korea is believed to be in control of about 10,000 "zombie computers" in more than 120 countries, according to the NIS.

North Korea -- which has thousands of cyberwarfare personnel -- has a track record of waging cyberattacks on South Korea and the United States in recent years, though it has flatly denied any involvement.

North Korea launched a cyberattack against South Korea in July 2009, two months after its second nuclear test. It also hacked South Korean media organizations and financial firms in March 2013, a month after its third nuclear test.

North Korea carried out its fourth nuclear test in January and launched a long-range rocket in February.


Send Feedback
How can we improve?
Thanks for your feedback!