Government says hackers have broken 30 computers and stored data from 10.
Hackers have broken the computer systems of a South Korean government agency that supervises arms and ammunition acquisitions for military forces in the country. The hack was in October 2018. This week, local press [1, 2, 3] reported that hackers broke 30 computers and stored internal documents out of at least 10.
The violated organization is the Defense Acquisition Program Administration of South Korea (DAPA), an agency in the National Defense Ministry. According to a news outlet reporting on the cyber-attack, the stolen documents contain information on arms procurement for the next-generation fighter aircraft in the country.
There are reports that hackers have access to a security program server installed on all government computers. Named the “Data Storage Prevention Solution,” the app is installed on South Korean government computers to prevent the downloading and storage of sensitive documents on PCs connected to the Internet.
According to reports, hackers gained admin access to the server of the software and used it to siphon connected workstations for documents. In November, the intelligence agency of the country (NIS, National Intelligence Service) investigated the violation and reported its findings to government officials who this week revealed the cyber-attack to the public.
Government officials did not blame North Korean hackers, as they usually do, although nobody would be surprised if they did, as North Korea has often launched cyber espionage and intelligence campaigns against its southern neighbour.
In October 2017, for example, South Korea accused North Korea of hacking and robbing the secret US joint war plans of the South, including detailed plans to attack the North in the event that diplomatic relations deteriorated to a point where military action was necessary.