South Korean police reported today, Sunday, that suspected North Korean hackers targeted joint military exercises between the United States and South Korea conducted this week, though no confidential information was compromised.
Starting tomorrow, Monday, South Korean and US forces are set to embark on an 11-day summer training session aimed at bolstering their ability to counter North Korea’s missile and nuclear threats.
North Korea has long protested against these exercises, asserting they are rehearsals by the US and its ally, South Korea, for an invasion.
The police department of Gyeonggi Nambu Province revealed in a statement that they believe the hackers are affiliated with a North Korean group researchers term as “Kimsuky.” The cyber intrusion was executed via emails sent to South Korean contractors working at the joint US-South Korea war simulation center.
The police further clarified in their statement, “It has been confirmed that no military-related information was stolen.”
North Korea has historically denied any involvement in cyberattacks. Researchers pointed out that the Kimsuky group has long employed tactics like phishing emails that trick targets into disclosing passwords or clicking on malicious attachments or links.
The South Korean police, along with the US military, conducted a joint investigation and found that the IP address used in the hacking attempt matched one identified in a 2014 breach against South Korea’s nuclear reactor operator company. At that time, Seoul had accused Pyongyang of orchestrating the cyberattack.