South Korea ‘s military cyber command was hacked last month
According to the Government of the South Korea, the county military cyber command was hacked last month in the attempt to infect the vaccine routing server.
The Government of Seoul revealed that its cyber command center was hacked last month. The South Korean experts have found evidence of the malware in the systems at the cyber command center, but it is still a mystery the attack vectors used to deliver it.
According to the South Korean Government, the malicious code was spread in the attempt to infect a ”vaccine routing server” used by country’s military cyber command.
The vaccine routing server is a specific component of the south Korean Infrastructure, it was used to implement an extra level of security to protect military networks exposed on the Internet.
“South Korea’s cyber command established to counter external hacking attempts on the country’s military was found to have been hacked last month, a lawmaker said Saturday, raising speculation that North Korea might be behind the latest cyber attack.” reported the Yonhap News.
“Rep. Kim Jin-pyo, a lawmaker of the main opposition Minjoo Party of Korea, told Yonhap News Agency in a telephone interview that the hacking targeted the “vaccine routing server” installed at the cyber command.”
Kim is one of the members of the South Korean parliament’s national defense committee.
“A malicious code has been identified and it seems to have taken advantage of the vulnerability of the routing server,” he said. “In a cautious measure, the server has been separated from the network.” Kim told the news Agency.
Kim speculates that attackers haven’t exfiltrated any sensitive data from the military intranet because it was not directly connected to the targeted server.
According to the Korean Authorities, currently the military Internet system remains up and running.
Who is behind the attack?
As usual, rumors says the South Korea is blaming its first enemy, North Korea and in particular its dreaded North Korea’s Bureau 121, despite the Government of Seoul is still investigating the incident and will not comment it mission and will not officially blame anyone until investigations are completed.
This is the last cyber attack in order of time suffered by the South Korea. In May, Seoul blamed North Korea for hacking a South Korean defense contractor, in June the Government of Seoul reported that North Korean hackers stole defense-related documents and photos from two South Korean companies, and in July authorities in South Korea blamed hackers from North for a massive data breach affecting 10 million Interpark online shoppers.
Last year, Seoul blamed Pyongyang for two attacks respectively on a Nuclear plant and a subway system.
[adrotate banner=”9″]
Pierluigi Paganini
(Security Affairs – North Korea, hacking)