Nuclear research institute hacked by North for 12 days

South Korea's main nuclear research institute was reportedly exposed for over 12 days to hacking attacks probably by North Korea, but no important data was leaked, according to a parliamentary intelligence committee member on Thursday.

Director of the National Intelligence Service Park Jie-won briefs lawmakers from the National Assembly's intelligence committee on Thursday at the legislature in Yeouido, western Seoul. [NEWS1]

South Korea's main nuclear research institute was reportedly exposed for over 12 days to hacking attacks probably by North Korea, but no important data was leaked, according to a parliamentary intelligence committee member on Thursday.

People Power Party (PPP) lawmaker Ha Tae-keung, a member of the parliamentary intelligence committee, told reporters on Thursday, “A probe is underway after the Korea Atomic Energy Research Institute filed a damage report on June 1. It was possibly exposed to North Korea for about 12 days.” Ha said he was given the information in a briefing by the National Intelligence Service (NIS).

The first hacking attempt on the institute reportedly occurred on May 14.

According to Ha, intelligence officials believe North Korea was behind the hacking attacks, which were conducted by organizations in a third country. However, they said that no technology data was leaked.

In a press briefing, Ha and Kim Byung-kee, a Democratic Party lawmaker who also sits on the parliamentary intelligence committee, said hacking attempts on South Korea by groups supported by state entities rose by 9 percent in the first six months of this year compared to the second half of last year.

Ha also said there were signs that Korea Aerospace Industries (KAI), the country’s only aircraft manufacturer, may have been hacked. An official investigation is underway to evaluate how long it was exposed.

The lawmaker claimed the attack was by a North Korean hacking group called Kimsuky, which was looking for information on the first Korea-made fighter jet, the KF-21. Ha previously accused Kimsuky of hacking the Korea Atomic Energy Research Institute.

A hacking organization under North Korea’s Reconnaissance General Bureau, Kimsuky is known for targeting South Korean think tanks and security-related institutions.

Officials are concerned that if KAI was indeed hacked, there is a high possibility that the blueprint for the KF-21 fighter jet was stolen.

Ha has previously criticized the National Intelligence Service for “covering up North Korea’s hacking attempts, despite my repeated requests to fully disclose details.”

On June 30, Ha said that the Defense Acquisition Program Administration, which supports domestic defense technology development and exports, confirmed that a hacking attempt on KAI had occurred, but refused to give details including who the attacker was and whether any information was leaked.

Since 2015, KAI has been developing the KF-21, also known as Boramae, with technology transferred from state-owned aerospace institutes. It will be Korea’s first fighter jet with main parts using local technology.

A prototype of the aircraft was unveiled in April. The company plans a test run next year.

In early June, hacking attempts were made on shipbuilder Daewoo Shipbuilding & Marine Engineering (DSME), Korea’s leading manufacturer of submarines and a supplier to the South Korean navy.

Ha and some government officials suspect those attacks were part of North Korea's pursuit of DSME technology for nuclear-powered submarines. The shipbuilder was attacked by North Korean hackers in 2016, which resulted in the leak of 60 naval design secrets.

BY MICHAEL LEE [lee.junhyuk@joongang.co.kr]