Investigators do not rule out possibility of information sent to N. Korea
Prosecutors are investigating a 43-year-old man who allegedly stole sensitive government data from the Joint Chiefs of Staff and other agencies while working for a private computer data management firm for them, officials said Monday.
The case immediately sparked criticism for the “lax screening process” for personnel who handle security-related materials as the man was found to have been arrested in February 2002 on charges of contravening the National Security Act by putting pro-North Korea materials on the Internet.
The man, identified by his initial K, is also a member of the minority Democratic Labor Party, which has supported the preceding government’s policy of engaging North Korea and criticized the current government’s tough stance toward the communist state.
Some of the stolen data includes a request form concerning the Korean Joint Command and Control System, a key program that delivers information on battle situations to high military organizations in real time during both peacetime and wartime.
Also stolen are “node IP addresses” of the key computers run by the South Korean military. Observers expressed concern that should such leaked data flow into Pyongyang, it could use them to mount more cyber attacks on the South.
Prosecutors have difficulty digging into the case as the man exercises his right to remain silent, officials said.
“Early this year, police captured and investigated him on charges of stealing military secrets. They sought an arrest warrant, but the court refused to issue it, saying that there is little concern that he would flee or destroy evidence,” said Park Gyeong-ho, senior prosecutor at the Suwon District Prosecutors’ Office.
“Currently, he is not arrested. We summoned him once, but had difficulty as he remained silent.”
The man joined the data management firm in March 2005. In December that year, he joined the JCS project to establish the KJCCS. Until March this year when he was suspended after he refused to submit a security pledge to his firm, he had reportedly stolen a wide range of sensitive data from the military and government bodies.
Despite his previous violation of the security law, he was allowed to visit the JCS computer center 11 times in 2007 and four times in 2008.
For unspecified purposes, he visited North Korea twice in January 2007 and February 2008. Prosecutors are not ruling out the possibility that the man handed over some of the data to the North, which has launched a series of cyber attacks on South Korea in recent years.
Investigators have also found that his computer stored data on some 10 government agencies including the Supreme Prosecutors’ Office and the Financial Supervisory Service, and private enterprises such as POSCO and the National Credit Union Federation of Korea.
The man contacted officials of “Ryomyong,” an Internet site run by a North Korean agency handling espionage operations against the South, by email in April 2008. However, the investigators have yet to verify whether he handed over any stolen data to the North, according to the sources.
After he joined the DLP in May 2002, he posted a controversial message on the party’s bulletin board in August 2003, reading, “If I am to have a chance, I will work as a spy (possibly for the North).”
By Song Sang-ho (sshluck@heraldcorp.com)
Prosecutors are investigating a 43-year-old man who allegedly stole sensitive government data from the Joint Chiefs of Staff and other agencies while working for a private computer data management firm for them, officials said Monday.
The case immediately sparked criticism for the “lax screening process” for personnel who handle security-related materials as the man was found to have been arrested in February 2002 on charges of contravening the National Security Act by putting pro-North Korea materials on the Internet.
The man, identified by his initial K, is also a member of the minority Democratic Labor Party, which has supported the preceding government’s policy of engaging North Korea and criticized the current government’s tough stance toward the communist state.
Some of the stolen data includes a request form concerning the Korean Joint Command and Control System, a key program that delivers information on battle situations to high military organizations in real time during both peacetime and wartime.
Also stolen are “node IP addresses” of the key computers run by the South Korean military. Observers expressed concern that should such leaked data flow into Pyongyang, it could use them to mount more cyber attacks on the South.
Prosecutors have difficulty digging into the case as the man exercises his right to remain silent, officials said.
“Early this year, police captured and investigated him on charges of stealing military secrets. They sought an arrest warrant, but the court refused to issue it, saying that there is little concern that he would flee or destroy evidence,” said Park Gyeong-ho, senior prosecutor at the Suwon District Prosecutors’ Office.
“Currently, he is not arrested. We summoned him once, but had difficulty as he remained silent.”
The man joined the data management firm in March 2005. In December that year, he joined the JCS project to establish the KJCCS. Until March this year when he was suspended after he refused to submit a security pledge to his firm, he had reportedly stolen a wide range of sensitive data from the military and government bodies.
Despite his previous violation of the security law, he was allowed to visit the JCS computer center 11 times in 2007 and four times in 2008.
For unspecified purposes, he visited North Korea twice in January 2007 and February 2008. Prosecutors are not ruling out the possibility that the man handed over some of the data to the North, which has launched a series of cyber attacks on South Korea in recent years.
Investigators have also found that his computer stored data on some 10 government agencies including the Supreme Prosecutors’ Office and the Financial Supervisory Service, and private enterprises such as POSCO and the National Credit Union Federation of Korea.
The man contacted officials of “Ryomyong,” an Internet site run by a North Korean agency handling espionage operations against the South, by email in April 2008. However, the investigators have yet to verify whether he handed over any stolen data to the North, according to the sources.
After he joined the DLP in May 2002, he posted a controversial message on the party’s bulletin board in August 2003, reading, “If I am to have a chance, I will work as a spy (possibly for the North).”
By Song Sang-ho (sshluck@heraldcorp.com)