The Korea Herald

피터빈트

South’s key defense firms hacked by N. Korea: lawmaker

By Choi Si-young

Published : July 1, 2021 - 17:18

    • Link copied

A prototype of South Korea’s first homegrown fighter jet, the KF-21 Boramae, is revealed to the public, April 9, 2021. (Defense Acquisition Program Administration) A prototype of South Korea’s first homegrown fighter jet, the KF-21 Boramae, is revealed to the public, April 9, 2021. (Defense Acquisition Program Administration)
North Korea hacked key South Korean defense firms, including Korea Aerospace Industries, which is building the country’s first homegrown fighter jet, Rep. Ha Tae-keung of the main opposition People Power Party said Thursday.

“The arms procurement agency essentially said that there had been cyberattacks on more defense companies,” he said, adding the agency had told him it could not reveal the names of companies breached because of privacy concerns.

The previous day, the lawmaker, who is a member of the parliamentary intelligence committee, said North Korean hackers had infiltrated KAI’s networks, which is working on the KF-21, a cheaper alternative to the US-made F-35.

Police are looking into the breach, with Ha blaming a North Korean hacking group known as Kimsuky because of the way the infiltrations took place.

“The hackers used a previously undisclosed vulnerability in virtual private networking devices to break into the KAI network. That’s how the Reconnaissance General Bureau broke into the Korea Atomic Energy Research Institute in May,” he said, referring to North Korea’s top military intelligence agency.

Around the time hackers breached the KAERI, the country’s top nuclear think tank, cyberattacks many suspect to be part of North Korean operation also targeted Daewoo Shipbuilding & Marine Engineering, which is responsible for building the country’s entire fleet of submarines.

“It’s like multiple organizations under the bureau are competing to break into South Korea’s networks to steal the latest technologies,” a local media outlet reported, quoting a source familiar with the issue. The source was referring to North Korea’s Reconnaissance General Bureau.

Pyongyang is believed to be increasingly funding cyberespionage against Seoul, having recently targeted COVID-19 vaccine developers and power suppliers, among other critical infrastructure supporting the local economy.

Ha warned the breaches could have far more ramifications beyond the economic fallout, saying they could affect the Seoul-Washington alliance. Their defense firms share key technologies whose mishandling could cause diplomatic friction, Ha said, citing his sources familiar with the issue.

He called on the government to raise the cyberterrorism alert to its highest levels, and convene a meeting with the US to address the crisis together.