North Korea increases cyberattacks on South Korea

Rep. Ha Tae-keung of the main opposition People Power Party speaks during a press conference at the National Assembly in Seoul, Thursday, calling on the government to declare a state of emergency over North Korea's cyberterrorism campaign against South Korea. Yonhap

By Kang Seung-woo

Several major South Korean facilities have fallen victim to cyberattacks originating from North Korea in recent months, as the reclusive state has been ramping up its cyberterrorism campaign against its southern neighbor.

According to relevant organizations and Rep. Ha Tae-keung of the main opposition People Power Party (PPP), the Korea Atomic Energy Research Institute (KAERI) was attacked in May, followed by attacks on Korea Aerospace Industries (KAI) and Daewoo Shipbuilding and Marine Engineering (DSME).

KAERI is a government-funded research institute in charge of developing nuclear technology, and KAI is the nation's sole aircraft manufacturer, while DSME is a major shipbuilder specializing in the construction of submarines and other naval vessels.

Some of the cyberattackers' online addresses were traced back to the servers of "kimsuky," a North Korean advanced persistent threat group.

KAI appears to have had its system compromised twice this year by unidentified entities, and "a large quantity of documents" seems to have been leaked, confirmed by the Defense Acquisition Program Administration (DAPA) which handles national arms procurement.

Making the situation worse, some say the breached data might include sensitive information about major defense items, such as the KF-21 fighter jet development project, FA-50 light combat aircraft, unmanned aircraft and radar.

"As there have been suspected cyberattacks, we requested a police investigation on Monday. We will fully cooperate with investigators to reveal the facts," KAI said in a statement, Wednesday, without elaborating further.

In terms of cases regarding the KAERI and KAI, they were attacked through a VPN system vulnerability, according to Ha.

"If the country's nuclear power and other key technologies have been leaked, it could become a massive security breach following Pyongyang's infiltration of Seoul's military cyber command in 2016," Ha said.

The opposition lawmaker claimed that a series of cyberattacks, especially regarding the KAI case, had to do with the United States.

"The North Korean cyberattacks targeted core technologies of a nuclear-powered submarine, which could directly threaten the U.S.," Ha said.

The lawmaker also said the North's cyberterrorism may develop into a diplomatic issue, given that KAI is connected with U.S. defense companies, which could place them in jeopardy.

"Before it evolves into a diplomatic issue between allies, South Korea and the U.S. need to hold a cybersecurity meeting," Ha said.

KAI and U.S. aerospace giant Lockheed Martin jointly developed the T-50A trainer aircraft.

In the wake of the cyberterrorism campaign, Ha urged the government to declare a state of emergency and take actions to deal with it.

"First, Cheong Wa Dae needs to convene a National Security Council meeting to call for a pan-government all-out way to deal with the cyberattacks," he said.

The lawmaker also said South Korea and the U.S. need to handle the issue jointly, while urging President Moon Jae-in to hold National intelligence Service chief Park Jie-won responsible for not stopping the cyberattacks.