The Korea Herald

지나쌤

[Editorial] NK cyberattacks

S. Korea’s defense authorities required to fix serious security loopholes revealed last week

By Korea Herald

Published : Aug. 12, 2024 - 05:29

    • Link copied

South Korea’s cybersecurity and intelligence assets have recently suffered setbacks, raising questions about the country’s security preparedness against North Korea’s intensifying cyberattacks and intelligence operations.

The worrisome problem is that South Korean authorities are trying to minimize the scale and depth of the latest security breaches rather than taking steps to fix the apparent loopholes at a time when North Korea is ratcheting up its cyber and surveillance offensive.

On Friday, local media reported that a subcontractor for a major defense technology company had been hacked, leading to the leak of technical data about the South Korean military’s Baekdu and Geumgang surveillance aircraft, citing defense and police sources.

South Korea’s military introduced the Baekdu reconnaissance aircraft as a key surveillance asset of the Air Force, naming it for its wide coverage of Mount Baekdu in North Korea. The Geumgang reconnaissance aircraft is also part of the country’s reconnaissance assets designed to monitor threats from North Korea, especially military activities near the border.

South Korean officials suspect that Pyongyang orchestrated the hacking of the company that produces operation and maintenance manuals for military equipment, reflecting its renewed cyberattack focus on small subcontractors whose security level tends to be lower than big manufacturers.

Investigations are now underway into recent hacking attempts targeting other subcontractors of defense companies that work for the Defense Acquisition Program Administration, South Korea’s state procurement agency.

Concerns are rising that not only the technical manuals of the Baekdu and Geumgang surveillance aircraft but also their core technology might have been stolen by North Korea.

But the DAPA said Friday that the general operation and maintenance and operation manuals have been hacked but whether core technology has been leaked is yet to be determined.

The DAPA's response, however, is far from reassuring. The surveillance aircraft in question are responsible for collecting data on North Korea’s communication and military operations. If their operation manuals indeed end up in the hands of North Korea’s military, it cannot be ruled out that Pyongyang may be able to find a way to bypass or compromise Seoul’s aerial intelligence operations.

On Thursday, a similarly disappointing scene played out as the Defense Counterintelligence Command referred a civilian official at the Korea Defense Intelligence Command to the military prosecution over the alleged leak of information on South Korean “black agents” -- intelligence officials who conduct undercover espionage activities overseas. On the same day, Defense Minister Shin Won-sik claimed that there had been no big disruption in intelligence activities and “most of the operations have been restored.”

As with DAPA’s attempt to make light of the hacking incident, Shin’s remark is not convincing. After all, the official reportedly handed over the critical information to a Chinese national believed to be an informant for North Korea’s intelligence agency.

The security breach of defense technology and information was not limited to aerial surveillance and black agents. On Wednesday, the police said it referred the case involving former workers at a subcontractor to the prosecution on the charge of stealing and attempting to leak confidential documents about the K2, the main battle tank of the South Korean Army equipped with the latest technologies.

The embarrassing incidents making headlines last week are clearly a warning signal about the problems with the South Korean defense and military authorities in dealing with the threats from North Korea.

Since early this year, North Korea has been staging more aggressive cyberattacks to steal South Korea’s defense technology. The South Korean government and defense authorities must take recent intelligence leaks and North Korea’s cyberattacks more seriously and take action to fix gaping security loopholes.