Go to Contents Go to Navigation

(2nd LD) Emails of Seoul officials hacked by N. Korea: prosecution

All Headlines 18:21 August 01, 2016

(ATTN: UPDATES with more details in paras 11-15)

SEOUL, Aug. 1 (Yonhap) -- A group of presumably North Korean hackers have attempted to break into the emails of some 90 South Korean diplomats, security officials and journalists, and dozens of passwords have been leaked in the process, state prosecutors said Monday.

The latest cyberattacks took place as Seoul is striving to better guard against Pyongyang's online infiltrations following a string of malicious attacks on government and corporate websites, for which the communist country has been blamed.

The Supreme Prosecutors' Office said that between January and June the group attempted to hack into the emails of officials at the ministries of foreign affairs, defense and unification, and also those of the journalists posted at these ministries. The victims also include some researchers specializing in North Korean issues.

During the attempts the passwords of 56 email accounts were compromised, the office said.

The investigators acted on a report earlier this year that some hackers had attempted to launch "spear phishing" attacks to break into some government officials' emails. Spear phishing is a type of fraudulent email attack that targets specific individuals or organizations by appearing to be a legitimate email from another known person or organization and asking unauthorized access to their confidential data.

Investigators are currently trying to ascertain whether any state secrets had been leaked during the hacking attempts.

Prosecutors pinpointed North Korean hackers as the culprits in the latest attacks, as the method used mirrored North Korea's high-profile cyberattack in 2014.

The prosecutors found that the hackers established some 27 phishing sites to carry out the schemes.

In cooperation with the National Security Service and the Korea Internet and Security Agency, prosecutors have shut down the phishing sites.

"It is important (for government officials) to refrain from using private email accounts for official work, and they should frequently change their email passwords," a prosecution official said. "When officials carry out important tasks, it is desirable for them to take some security steps such as temporarily shutting down the internet."

In recent years, the North has repeatedly shown a willingness to use its cybercapabilities to not only pose security challenges to its potential adversaries, but also wring out financial gains -- as evidenced in its May attack on a major South Korean commercial website, observers here said.

The North is alleged to have broken into the server of online shopping mall Interpark, which resulted in the leak of the personal data of an estimated 10.3 million people, including their names, home addresses and email addresses. It then tried to blackmail the mall for profit.

Seoul officials believe that the North's General Bureau of Reconnaissance (GBR), its premier military intelligence agency, has masterminded major online attacks on South Korea. Among the pivotal organs under the GBR is Unit 121, which is tasked with penetrating enemy computer networks to secure confidential documents or spread viruses.

According to defectors and reports, the North selects cybersavvy students from across the country at an early age and sends them to Geumseong Middle School in Pyongyang to give them intensive hacking lessons.

They are then enrolled into Command Automation University, Kim Chaek University of Technology or Moranbong University for further education. Upon graduation, they begin their career as elite cyberwarfare officers.



Send Feedback
How can we improve?
Thanks for your feedback!