South Korea Probes Possible Hack of DSME Computers
Korean officials confirmed that an investigation has been launched after South Korean shipbuilder Daewoo Shipbuilding & Marine Engineering Co. reported that it found evidence that hackers had attempted to breach the company’s computer systems. News that the shipbuilder’s computers might have been again attacked came as there has been fresh speculation in South Korea of cyberattacks from North Korea. There has been speculation in the past the DSME was one of the targets and last week HMM, the country’s larger shipping company, reported that its email systems had been taken down by hackers.
"The company (DSME) reported the case to police," a spokesperson for South Korea’s Defense Acquisition Program Administration (DAPA) said during a defense ministry briefing, according to the Yonhap news agency. "Police and related military agencies are looking into the case."
Government officials declined to provide additional details into the scope or timing of the attack or if the cybercriminals had been able to breach any systems at the company. Yonhap, however, is reporting that the government spokespeople denied speculation in the media that North Korean operatives were looking for information related to the South’s nuclear submarine program. An opposition party politician last week accused the government of covering up a recent cyber-attack against the Korea Atomic Energy Research Institute (KAERI).
The current reports are eerily similar to 2017 when the news was leaked that North Korean agents had breached Daewoo’s computers and stole blueprints to the South’s submarines. That time, another opposition political leader told Reuters that the Ministry of Defense had discovered the attack reporting it to Daewoo. In that case, they reported they were almost certain that the cybercriminals had stolen sensitive materials about warships, including blueprints. The style of the attack Reuters reported was similar to other known efforts from North Korea.
Last week, HMM warned customers that its email systems had been attacked and were offline briefly. The company said it was able to recover its email in most areas except parts of Asia in a matter of days. Customers were however being warned to use other forms of communications if they were having problems contacting local agents or to contact the home office. HMM said it believed that no sensitive data was accessed and that it had been able to limit the scope of the attack.