North Korea is suspected of hacking into a Seoul subway operator last year for at least five months, a ruling party lawmaker said Monday citing a report submitted by the country’s intelligence agency.
After hacking into two operating servers of Seoul Metro, which runs Subway Lines 1 through 4, the hackers allegedly broke into more than 210 employee computers and infected 58 with malicious codes, Rep. Ha Tae-kyung of the ruling Saenuri Party said, quoting a report by the National Intelligence Service (NIS). [Yonhap]
Mr. Ha, a former left-wing activist and political prisoner under the Park Chung-Hee dictatorship, is now a Saenuri Party lawmaker and activist for human rights in North Korea. Ha speaks excellent English and is well known to most of the foreign press and activists here in the United States. I’ve known him for a decade, and I’ve never known him to say anything that wasn’t true.
Computers used by those who work at the control center and power supplier were affected, raising safety concerns that the subway lines could have been exposed to potential terror threats. [Yonhap]
The authorities say the computers hacked “were only for office use, which is unrelated to the direct operation of the trains,” and that after the hack was detected, they reformatted all of the affected computers and “reinforced” their cybersecurity. That’s reassuring, I suppose, except that I can’t imagine that Pyongyang’s master plan stopped at changing all of the email fonts to Wingdings.
Nor is this the first time North Korea has targeted the Seoul subway system. In May of 2010, South Korean authorities arrested a 36 year-old woman named Kim Soon-Nyeo, who had entered the South posing as a refugee, and had begun romantic relationships with several well-placed South Korean men, including a 52 year-old executive of the Seoul subway.
The spy collected “confidential” information about the subway system from Oh, information about local universities from the student, and a list of names of high-ranking police and public officials from the travel agents.
Oh maintained extramarital relations with the spy since his first encounter with her in China in May 2006, and transferred nearly 300 million won ($252,000) to “help” her cosmetics business. In June 2007, he became aware that she was a North Korean spy, but continued the relationship.
“What Oh handed over to the spy included contact information of emergency situation responses and other not-so-important internal data,” Kim Jung-hwan, a Seoul Metro spokesman, told The Korea Times, dismissing concerns that it could be used in possible acts of terrorism here by the North. Kim retired from his post in 2008. [Korea Times, May 23, 2010]
Foreigners will again note how selective South Koreans are in panicking about, ahem, certain perceived safety risks, provided they don’t involve North Korea. Meanwhile, here in Washington, we can only rue that the Seoul subway is still safer and more reliable than ours, despite having been hacked by North Korea.
The NIS analyzed the hacking records from March 2014 to August 2014, but the date of the first attack and who carried it out are still unclear. [Yonhap]
Three months after the hack on the subway system, Sony Pictures was hacked, and the hackers also threatened terrorist attacks against movie theaters across the country. President Obama, and the Directors of the FBI and the NSA, all attributed that cyberattack and threat to North Korean hackers, who are believed to operate more-or-less openly from Shenyang, China. Four months later, Korea Hydro and Nuclear Power Company announced that it had been hacked. That hack was also later attributed to North Korean hackers, also most likely operating out of Shenyang.
President Bush removed North Korea from the list of state sponsors of terrorism on October 11, 2008. Despite overwhelming evidence to the contrary, the Obama Administration’s official view is that North Korea is “not known to have sponsored any terrorist acts since the bombing of a Korean Airlines flight in 1987.” Discuss among yourselves.