South Korea's military Internet network was breached for 24 hours by North Korean hackers on March 5, causing around 2,000 national secrets to leak, according to the November issue of the Monthly Chosun out Sunday.
North Korean cyber warfare unit stole confidential information from the Chemical Accident Response Information System (CARIS) set up by the National Institute of Environmental Research (NIER) using a password obtained from hacking South Korean Army command. A NIER official is quoted as saying, "Our system was hacked into on March 5 and we received a call from the National Intelligence Service on March 6 informing us that our Internet link with Army command had been severed."
The Monthly Chosun exclusive was based on a document prepared by the national security office under the prime minister detailing the secrets that leaked out in the cyber attack.
The NIER official said, "It looks like around 2,000 national secrets have been stolen, including the names of around 700 companies or state-run entities that manufacture toxic chemicals and some 1,350 types of such chemicals." The toxic chemicals monitored by CARIS include acetone, alcohol, paint thinner and other organic solvents, sulphuric acid, hydrochloric acid and benzene and heavy metals including lead, mercury and cadmium, all of which can be fatal if they get into the drinking water.
Kim Heung-kwang, a former professor at Pyongyang Computer Technology University, said, "The addresses of the manufacturers listed under CARIS serve as 'coordinates' for North Korea to set up targets for its KN-O2 short-range missiles and 240 mm rocket launchers aimed at the South."
The Defense Ministry has claimed its computerized system is an "independent network," meaning it can be accessed only from within and is impervious to cyber attacks. But the incident suggests a need for urgent review.
Since 2005, the Unification Ministry has tapped into a cultural exchange fund to provide North Korea with W432 million (US$1=W1,164) to train people in Internet skills. Of that amount, the Korean Sharing Movement received W349 million, while Hanabiz.com, which has been pursuing joint IT projects with the North, received W83 million.
Hanasoft Academy in Dandong, China also received funding and has trained North Korean IT workers in 3D skills. In 2008, the Unification Ministry also gave another W63 million to the Korean Sharing Movement to teach North Koreans software programming skills.
"International treaties such as the Wassenar Arrangement limit exports to terrorism-sponsoring countries of Pentium-level computers, which are capable of being used to develop or manufacture weapons of mass destruction." said Kim Dong-sung, a lawmaker for the ruling Grand National Party. "Over the last 10 years, we provided more than 3,000 Pentium-level computers to North Korea and helped train their workers in IT skills. What we have ended up doing is to train a unit of hackers."