North Korean hackers stole classified military documents
Wed 11 Oct 2017
South Korea has reported that North Korean hackers are believed to have stolen classified military documents last year, including the most recent U.S./South Korea wartime operations plans.
Democratic Party Rep. Lee Cheol-hee made the report, stating that 235 GB of classified documents were stolen, according to information from South Korean defense officials. Hackers apparently broke into the Defense Integrated Data Center last September to access the materials.
80% of the stolen documents are yet to be identified, however, the defense officials identified Operational Plan 5105 among the stolen documents. Operational Plan 5015 contains information on the US-South Korea plans to manage an all-out war with North Korea.
Leaders also identified as stolen Operational Plan 3100, South Korea’s plan to respond themselves to an incident with the North.
Officials believe that among the documents yet to be identified, the hackers may have accessed information on key military facilities and power plants, allies’ commander reports, and contingency plans for South Korean special forces.
While the government stated in May that a breach had occurred, it did not reveal what information was compromised at that time. The report today was made to notify leaders that North Korea may be adjusting their own plans in response to information gained through the data breach.
Last year, the Korea Institute for Liberal Democracy in Seoul estimated that the North Korean hacker army included 6,800 trained specialists, 1,700 of whom are categorized as ‘mission personnel’. These hackers are employed at the cyberwarfare division of North Korea’s General Bureau of Reconnaissance, also known as Bureau 121.
Bureau 121 is believed to have been responsible for the Sony Pictures hack of 2014, and reportedly earns the North Korean government close to $1 billion per year in cyber-espionage schemes including online gambling and the stealing and reselling of encrypted files.
North Korean hackers were also linked to the WannaCry ransomware attacks that hit individuals and corporations worldwide this past summer.