N Korea (Probably) Behind Cyber Attacks On SKAF

This post is also available in: עברית (Hebrew)

North Korea is likely behind another cyber attack on South Korea’s digital infrastructure, United Press International reports.

South Korea’s Air Force’s website has been down for 13 days, according to local newspaper Donga Ilbo. The reports states that according to multiple source in the Korean military, the cyber attack began in early May and is currently under investigation.

The Air Force launched an immediate recovery mission, but their efforts have so far been unsuccessful. Access to the website has been blocked as a temporary measure to prevent further damage.

A temporary website has been set up, but it has limited functionality and does not provide full replacement.

South Korean officials say that the likely suspect is the usual – the Northern neighbour’s Reconnaissance General Bureau. The Bureau has been responsible for several cyber attacks and breaches into secure data servers in the past.

One potential avenue of attack is a virus that spread through South Korean military networks, turning computers into “zombies” under the North’s control to be used as part of a larger cyber offensive.

One fear is that the hackers were looking for a weak point in cyber defences through which to access the walled off “defence network.”

Additionally, investigators have as yet not ruled out a risk to personal data of individuals who made reservations to military sporting facilities through the website, a military official said.

The North has been holding steady in attempts to breach South Korea’s cyber defences. An apparent phishing email attack targeted South Korean defence industry workers in mid-May by appearing as if it was sent from South Korea’s Defense Acquisition Program Administration.