According to South Korean lawmaker Rhee Cheol-hee, North Korean hackers penetrated South Korea’s defense ministry in September 2016, pilfering documents that included both U.S. and South Korean war plans, reports to senior commanders, special forces deployment plans, and data about power plants and military facilities.
“Mr. Rhee belongs to South Korea’s ruling party and sits on its parliament’s defense committee. He said some 235 gigabytes of military documents had been stolen from the Defense Integrated Data Center, and that 80% of them have yet to be identified,” the BBC reports.
The BBC goes on to note that South Korea officially admitted to a large data theft by suspected North Korean hackers in May, but did not provide details on what was stolen. The Defense Ministry refused to comment on Rhee’s statement, while North Korea consistently accuses South Korea of “fabricating” hacking allegations.
The New York Times notes that Rhee said about 300 lower-classification documents were stolen but did not know if any of the most highly classified documents at the Defense Ministry were compromised.
The Pentagon said on Tuesday it was aware of the reports about North Korea stealing wartime operational plans, but said all critical information remains secure.
“I can assure you that we are confident in the security of our operations plans and our ability to deal with any threat from North Korea. The ROK-U.S. alliance remains steadfast in their commitment to make sure they safeguard that information and ensure readiness on the Korean Peninsula to counter any North Korean threats,” said Army Colonel Rob Manning, a Pentagon spokesman.
The Fox report also mentions a massive theft of the cryptocurrency Bitcoin, valued at roughly $5.3 million, from a South Korean exchange called Yapizon that occurred in May as well. Outside security analysts said the theft looked like the work of North Korean hackers, who have been working hard to accumulate a Bitcoin “war chest” as sanctions by the United States and United Nations grow tighter. In fact, for much of the past year, it was thought North Korean hackers had become more interested in making money for the heavily sanctioned regime than stealing data or disrupting electronic infrastructure in adversary nations.
In June 2016, South Korean law enforcement accused North Korea of hacking over 140,000 computers at 160 South Korean private firms and public agencies over the preceding two years, in the early stages of a long-term plan to wage all-out cyber warfare against the South. Much of the material stolen in these hacks was described as defense-related. Other intrusions appeared to be reconnaissance for larger attacks to come.