South Korea fingers North for defence contractor hack

Navy builder popped.

By Darren Pauli


South Korea is fingering its northern neighbours for an attack last month against a navy defence contractor.

North Korea's regime says the attribution is political and dubbed the attacks fabricated.

Details of the hack of Hanjin Heavy Industries have not been disclosed but local broadcaster Yonhap reports the government has kept open the possibility of North Korean involvement.

"After identifying signs that Hanjin Heavy Industries may have been hacked on April 20, the Defense Security Command is currently leading a security investigation into whether any military secrets were leaked and whether North Korea was involved," unnamed officials told Yonhap.

The contractor is responsible for the production of Seoul's latest naval vessels and amphibious assault vehicles including the ROKS Dokdo.

It is the latest security breach of South Korea's defence industry since hackers in November popped contractor LIG Nex1 and the Agency for Defense Development, both responsible for building its AESA radar.

North Korea is said to have well-structured elite hacking teams. One unit dubbed Bureau 121 is claimed to be situated in the nation's spy agency the General Bureau of Reconnaissance, and is fingered for intrusions into network infrastructure of foreign states.

Security researchers identified the so-called Lazarus Group as the unit behind the 2014 flaying of Sony Pictures, a hack which the US pinned firmly on Pyongyang. ®

Sign up to our NewsletterGet IT in your inbox daily


More from The Register

FBI fingers North Korea for two malware strains

'Joanap' and 'Brambul' harvest info about your systems and send it home

Ignore that FBI. We're the real FBI, says the FBI that's totally the FBI

Don't open that malware mail from the Feds that's not from the Feds, Feds warn

First shots at South Korea could herald malware campaign of Olympic proportions

Russia, Norks and dog lovers all potential perps, say pundits

US Treasury goes after IT shops for funneling cash to North Korea

Meanwhile, Norks deny Sony hacker ever existed

Microsoft emergency update: Malware Engine needs, erm, malware protection

Stop appreciating the irony and go install the patch now

North Korea's antivirus software whitelisted mystery malware

'SiliVaccine' uses ancient, stolen, Trend Micro AV engine and bad home-brew crypto

Apache Hadoop spins cracking code injection vulnerability YARN

Loose .zips sink chips 2: Electric Boogaloo joins Microsoft in fingering North Korea for WannaCry

I can’t go into the details of our intelligence, but...

North Korea's finest spent 2017 distributing RATs, wipers, and phish

And sent them mostly to South Korea, naturally

FBI to World+Dog: Please, try turning it off and turning it back on

Feds trying to catalogue VPNFilter infections