14 DAY TRIAL // South Korean officials said on Tuesday that one of their defense contractors, a military navy ship builder, suffered a cyber-attack on April 20, South Korean Yonhap news agency reports.
The name of the hacked company is Hanjin Heavy Industries, one of the government's defense contractors.
The company is currently building South Korea's most recent versions of frigates and amphibious assault vessels. One of these models is the well-reviewed ROKS Dokdo (LPH-6111) amphibious assault ship, first launched in 2005.
Officials suspect North Korea's involvement
"After identifying signs that Hanjin Heavy Industries may have been hacked on April 20, the Defense Security Command is currently leading a security investigation into whether any military secrets were leaked and whether North Korea was involved," a South Korean official said on Tuesday. "North Korea could have been involved, but we are not absolutely sure at this stage."
South Korean government officials have a good reason to blame any cyber-attack on North Korea.
A long history of cyber-attacks originating from North Korea
In March this year, security researchers discovered the OnionDog APT that was targeting South Korea's energy and transportation sectors.
In February, a consortium of multiple security vendors provided their findings in regards to the Sony hack investigation, tracking down the operators, a cyber-espionage group known as the Lazarus Group, to North Korea.
Last October, South Korea accused the North Korean government of cyber-attacks against Seoul's subway transportation system. Also that month, Symantec also discovered a cyber-espionage campaign that was deploying the Duuzer backdoor trojan to spy on organizations in the manufacturing sector.
In September, security researchers from FireEye uncovered a campaign using a zero-day in the South Korean-made Hangul Word Processor to target South Korean government employees.
Even if not fully confirmed as a cyber-espionage campaign attributed to North Korean hackers, a few hours ago, Symantec revealed details about a zero-day security flaw in Internet Explorer used in targeted spear-phishing attacks only against South Korean organizations.
