How South Korea screwed up and left its secret war plans open to hackers
A "ridiculous mistake" is believed to have compromised the security of South Korea's defense network, exposing critical military secrets, a South Korean lawmaker revealed Wednesday.
North Korean hackers are suspected to have been behind the theft of a massive cache of classified military documents late last year, including allied war plans. The plans detailed strategic operations to eliminate North Korean leadership in the event of a conflict, among other things, Minjoo Party Rep. Rhee Cheol-hee revealed Tuesday. The South Korean defense ministry initially claimed that nothing important had been compromised.
The hackers first breached the South Korean firm Hauri, Inc., which makes the antivirus software used by the South Korean military, The Wall Street Journal reports. The North's cyber warriors then embedded malware into the antivirus software, facilitating access to military servers. The security breach was also possible because a connector jack connecting the secure military intranet to the internet was accidentally left in place after maintenance work at South Korea's new military data center, Rhee explained.
The intranet was connected to the internet for more than a year, leaving secure networks exposed and vulnerable to attack. "It's a ridiculous mistake," Rhee stressed to the WSJ Wednesday. "They should have removed the connector jack immediately after maintenance work."
North Korea has invested in asymmetric warfare capabilities, such as cyberwarfare, to give it a fighting chance against the superior conventional military capabilities of the U.S. and its allies. The North is believed to have several thousand hackers and support staff in its cyber divisions.
The rogue regime reportedly tried to infiltrate the networks of American power companies through peculiar "spearphishing" attacks, NBC reported Wednesday.
The North is believed to have perpetrated the infamous Sony Pictures hack, incapacitated and stolen millions of dollars from top banks, negatively impacted hundreds of thousands of computers worldwide through the spread of ransomware, and disrupted numerous systems across South Korea.
The attacks linked to North Korea appear to have been designed for interference with the distribution of noticeably anti-North Korea productions, the acquisition of funds as the international community increases economic pressure on the regime, espionage, and possible retaliation.
To better counter North Korean cyber threats and avoid costly mistakes like the one that led to the loss of important war plans, South Korean Defense Minister Song Young-moo has ordered the military to take additional precautions. he shifted the blame to the previous administration and announced that the military will complete a review of the situation.