Dozens of South Korean officials have been hacked according to government sources. The Supreme Prosecutor's office said that around 90 journalists, researchers ,diplomats and defence officials were hit.
Authorities were tipped off by reports of spearphishing attacks on government departments earlier in the year. The hacks were conducted in the first six months of 2016 and attempted to get to the emails of individuals at the departments of foreign affairs, defence and unification, the department responsible for overseeing the reunification of the Korean peninsula. More than 50 passwords were leaked during the process.
Authorities have shut down the 27 phishing sites that were used against the government departments. Perhaps predictably, prosecutors have pointed the finger atNorth Korea as these last attacks closely resemble a North Korean campaign carried out in 2014. It is still not yet known whether any state secrets were stolen in the campaign
Though the Korean war ended in 1953, North and South Korea are still technically fighting, even if that mostly consists of bold acts of nuclear brinksmanship and loud overtures on the international stage.
“Officially the two Koreas are at war with each other,” Dr John Nilsson-Wright, head of the Asia programme at Chatham house, told SCMagazineUK.com.
“The Korean peninsula remains one of the most highly armed pieces of real estate anywhere” including the ironically named demilitarised zone which splits the North and South.
“North Korea has a long track record of hacking into South Korea”, often the financial sector or government departments.
Furthermore, “The North Korean's have been devoting significant resources for training their staff to acquit that ability.” However, unlike the country's nuclear grandstanding, North Korea's cyber-operations are not about propaganda or embarrassing their enemies.
Principally, North Korea's cyber-warfare is directed at enhancing “ the full arsenal of capabilities that the north has in terms of military capability and preparedness,”said Nilsson-Wright.
“The cyber-challenge posed by North Korea is very present and very real”, he added.
Cristina Varriale, a research analyst on the Royal United Services Institute's proliferation and nuclear policy team told SC, “the cyber-incidents should not be considered in isolation, but should be placed in a broader understanding of the tactics used by the North to instill fear in the South.”
The officials were hacked over the last seven months at a time of increasing tension between the two halves of the peninsula, caused by the frequent missile tests and launches over the first half of the year.“The purpose of this is most likely psychological,” said Varriale, “with the North wanting to create a fear in the South that they are belligerent and willing to attack, as it helps bolster the deterrent value of their missile and nuclear capabilities, which is what they have claimed is the purpose of such developments.”