Hackers breach and steal data from South Korea's Defense Ministry

Hackers have breached the computer systems of a South Korean government agency that oversees weapons and munitions acquisitions for the country's military forces.

The hack took place in October 2018. Local press reported this week[1, 2, 3] that hackers breached 30 computers and stole internal documents from at least ten.

The breached organization is South Korea's Defense Acquisition Program Administration (DAPA), an agency part of the Ministry of National Defense.

It is believed that the stolen documents contain information about arms procurement for the country's next-generation fighter aircraft, according to a news outlet reporting on the cyber-attack.

Reports claim that hackers gained access to the server of a security program installed on all government computers.

Named "Data Storage Prevention Solution," the app is installed on South Korean government computers to prevent sensitive documents from being downloaded and saved on internet-connected PCs.

According to reports, hackers gained admin access to the software's server and used it to siphon documents from connected workstations.

The country's intelligence agency (NIS, National Intelligence Service) investigated the breach in November and reported its findings to government officials, who disclosed the cyber-attack to the public this week.

Government officials didn't pin the blame on North Korean hackers, as they usually do, although it wouldn't surprise anyone if they did, as North Korea has often launched cyber-espionage and intelligence collection operations against its southern neighbor.

For example, in October 2017, South Korea accused North Korea of hacking and stealing the South's secret joint US war plans, which included detailed plans to attack the North in case diplomatic relations deteriorated to a point where military action was needed.

North Korea's history of bold cyber attacks

More cybersecurity news:

• North Korean hackers infiltrate Chile's ATM network after Skype job interview
• G Suite update warns you when someone is exporting your company's data
  
• US charges Ukrainian for SEC 2016 hack, others for insider trading
• A security conference will let you hack a Tesla car and earn cash prizes
  
• Liberian ISP sues rival for hiring hacker to attack its network
• Hacker 'BestBuy' sentenced to prison for operating Mirai DDoS botnet
  
• Google now lets you donate to charity through the Play Store CNET
• Phishing and spearphishing: A cheat sheet for business professionals TechRepublic