South Korea investigates possible hacking of DSME computers
Korean officials have confirmed an investigation was launched after South Korean shipbuilder Daewoo Shipbuilding & Marine Engineering Co. reported finding evidence that hackers attempted to break into the company’s computer systems . News that the shipbuilder’s computers could have been attacked again came as there was further speculation in South Korea about cyberattacks from North Korea. There has been speculation in the past that DSME was one of the targets and last week HMM, the country’s largest shipping company, reported that its messaging systems had been taken down by hackers.
“The company (DSME) reported the matter to the police,” a spokesperson for the South Korea Defense Acquisition Program Administration (DAPA) told a briefing Ministry of Defense, according to the Yonhap news agency. “Police and relevant military agencies are investigating the case.”
Government officials declined to provide further details on the scope or timing of the attack or whether cybercriminals had successfully breached company systems. Yonhap, however, reports that government spokespersons have denied speculation in the media that North Korean agents are seeking information related to the South’s nuclear submarine program. An opposition politician last week accused the government of covering up a recent cyber attack on the Korea Atomic Energy Research Institute (KAERI).
The current reports are eerily similar to those in 2017, when news broke that North Korean agents had violated Daewoo’s computers and stole blueprints from submarines in the South. This time, another opposition political leader told Reuters that the Defense Ministry discovered the attack when reporting it to Daewoo. In this case, they said they were almost certain that cybercriminals had stolen sensitive documents from warships, including blueprints. The style of the attack reported by Reuters was similar to other known attempts by North Korea.
Last week, HMM warned its customers that its email systems had been attacked and were briefly offline. The company said it was able to retrieve its email from most regions except parts of Asia within days. Customers were, however, cautioned to use other forms of communication if they had problems contacting local agents or contacting head office. HMM said he believed no sensitive data had been viewed and was able to limit the scope of the attack.