North Korea hackers target South Korea nuclear think tank

A South Korean lawmaker said at least one IP address could be traced to North Korean hacking group Kimsuky

Akshita Jain
Friday 18 June 2021 14:37 BST
Comments
Representational image. 13 unauthorised IP addresses accessed the intranet system of South Korea’s nuclear think tank.
Representational image. 13 unauthorised IP addresses accessed the intranet system of South Korea’s nuclear think tank. (Getty Images/iStockphoto)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

A North Korean hacking group targeted South Korea’s state-run nuclear think tank last month, a South Korean lawmaker said on Friday.

Ha Tae-keung, a member of the parliamentary intelligence committee and an opposition lawmaker, said 13 unauthorised IP addresses accessed the intranet system of the Korea Atomic Energy Research Institute (KAERI) on 14 May.

Citing a report from Seoul-based cybersecurity firm IssueMakersLab, the lawmaker said that at least one address could be traced to North Korean hacking group Kimsuky.

Kimsuky was suspected of being behind North Korean efforts to target pharmaceutical companies which were working on coronavirus vaccines in the US, the UK and South Korea last year.

Mr Ha said that the incident “could pose serious security risks if any core information was leaked to North Korea, as KAERI is the country's largest think tank studying nuclear technology including reactors and fuel rods,” according to Reuters.

A KAERI official said it reported the breach to the government on 31 May after discovering it, and an investigation is underway.

But Mr Ha accused the think-tank of initially covering up the incident. He said it’s impossible to not know about the breach and asked the government to disclose what happened.

He was quoted in The Korea Herald as saying: “Ever since the Moon Jae-in administration took office, the [South Korean] government is trying not to admit hacking [attempts] by North Korea.”

An official at the science and technology ministry, which is responsible for the investigation into the breach, said it had not found evidence to determine that North Korea was behind the hack, Reuters reported.

Mr Ha said that an email ID of Moon Chung-in, former foreign and security affairs adviser to president Moon Jae-in, was used by some of the IP addresses, according to The Korea Times. The former adviser's email account were hacked in 2018.

South Korea has accused North Korea earlier of cyberattacks, including in November when it said its intelligence agency foiled Pyongyang’s attempts to hack into companies developing Covid-19 vaccines.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in