North Korea 'hackers steal US-South Korea war plans'

Discussion in 'other security issues & news' started by hawki, Oct 10, 2017.

  1. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,078
    Location:
    DC Metro Area
    "North Korea 'hackers steal US-South Korea war plans'

    Hackers from North Korea are reported to have stolen a large cache of military documents from South Korea, including a plan to assassinate North Korea's leader ...

    The compromised documents include wartime contingency plans drawn up by the US and South Korea.

    They also include reports to the allies' senior commanders...

    The hack took place in September last year."

    http://www.bbc.com/news/world-asia-41565281
     
  2. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,078
    Location:
    DC Metro Area
    "South Korean lawmaker ... said that North Korean hackers have stolen classified military documents, including the US and South Korea’s most current war plans and plans to kill Kim Jong Un, the Financial Times reports.

    ...[The South Korean lawmaker] said that defence officials revealed to him that 235 gigabytes of data had been stolen, 80% of which has yet to be identified.

    But ...[The South Korean lawmaker] said the theft included Operational Plan 5015, the US and South Korea’s current plan for war with North Korea...

    The news follows a May announcement from South Korea’s defence ministry saying its military network had been breached.

    'This is a total failure of management and monitoring [of classified information],' Shin Jong-woo, a researcher at the Korea Defence and Security Forum told the Financial Times of the hacks..."

    https://www.businessinsider.com.au/north-korea-hacked-us-allies-war-plans-2017-10
     
  3. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,078
    Location:
    DC Metro Area
    "...Among the stolen files was Operational Plan 5015 which contained up to date information on the North Korean leadership and plans to 'decapitate' it, South Korean state news agency Yonhap reported.

    Another dossier called Operational Plan 3100, which reportedly contains Seoul's planned response to any acts of aggression by the North around the Korean Peninsula, was also taken.

    The leak is thought to include contingency plans for special forces and information about power plants and military bases in the South..."

    http://www.independent.co.uk/news/n...ns-washington-seoul-kim-jong-un-a7992501.html
     
  4. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,078
    Location:
    DC Metro Area
    "...[The hacked] OPLAN 5015 includes a pre-emptive strike on the North’s nuclear and missile facilities, as well as “decapitation attacks” against Kim and the rest of the North Korean leadership.

    [The hacked] OPLAN 5015 is seen as a blueprint for a limited war, [the hacked] OPLAN 3100 instead deals with Seoul’s response to possible North Korean localized provocation or commando infiltration.

    According to Rhee, the hackers have also gained information about state-of-the-art military facilities, power plants and the joint military drills with the U.S. as well as reports meant for U.S. commanders..."

    http://www.newsweek.com/north-korea...plans-decapitate-kim-jong-un-681414?piano_t=1
     
  5. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,078
    Location:
    DC Metro Area
    "...In the attack in September last year, later code-named “Desert Wolf” by anti-hacking security officials, North Korean hackers infected 3,200 computers, including 700 connected to the South Korean military’s internal network, which is normally cut off from the internet. The attack even affected a computer used by the defense minister.

    Investigators later learned that the hackers first infiltrated the network of a company providing a computer vaccine service to the ministry’s computer network in 2015. They said the hackers operated out of IP addresses originating in Shenyang, a city in northeast China that had long been cited as an operating ground for North Korean hackers.

    The intruders used the vaccine server to infect internet-connected computers of the military with malicious codes in August last year, the investigators said. They could also infiltrate the malware into intranet computers when the military’s closed internal network was mistakenly linked to the internet during maintenance."

    https://www.nytimes.com/2017/10/10/...column-region&region=top-news&WT.nav=top-news
     
  6. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,078
    Location:
    DC Metro Area
    "Pentagon says operational plans secure amid report of N.K. hack...

    WASHINGTON. Oct. 10 (Yonhap) -- The Pentagon said Tuesday it is aware of reports that North Korea stole wartime operational plans of the United States and South Korea but assured the documents are secure.

    'I can assure you that we have confidence in the security of our operational plans ...,' Pentagon spokesman Army Col. Rob Manning told reporters.

    He declined to confirm whether there was a breach, calling it a matter of intelligence..."

    http://english.yonhapnews.co.kr/news/2017/10/11/0200000000AEN20171011000300315.html?input=rss

    Umm. OK if you say so: "whether or not there was a breach is a matter of intelligence" :) "we have confidence in the security of our operational plans"
     
    Last edited: Oct 10, 2017
  7. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,812
    I wonder if they would be so blasé about it if a N.Korean plan to "decapitate" the US leadership had been discovered.
     
  8. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,078
    Location:
    DC Metro Area
    This "denial"/"non-denial" by The Pentagon appears to be very weak.

    The Yonhap News story is apparently based upon an informal inquiry by a Yonhap News correspondent. No other media outlet has independently reported the story. In addition, The Pentagon has not issued any formal Press Release or formal statement that would have been reviewed by higher level Pentagon brass.

    Even as written-up in the initial Yonhap News post it is unclear:

    The Washington Post's interpretation:

    "...Pentagon spokesman Army Col. Robert Manning said Tuesday he was aware of media reports of the breach but would not say whether sensitive operation documents were exposed..."

    https://www.washingtonpost.com/world/asia_pacific/north-korean-hackers-stole-us-and-south-korean-wartime-plans-seoul-lawmaker-says/2017/10/10/036fb82c-adc6-11e7-99c6-46bdf7f6f8ba_story.html?hpid=hp_rhp-more-top-stories_northkorea-1245pm:homepage/story

    Even the very same Yonhap News apparently gives the Pentagon's spokesman's statement little, if any, significance, as evinced by its just-posted editorial on the issue, that also blasts The South Korean Defense Ministry for its lax security.

    "...We are dumbfounded at the way the sensitive information was hacked by North Korea. Even the basic three-phase cybersecurity procedure -- the separation of military computing networks from the internet, regular cybersecurity checkups and firm control of the computing networks -- was all ignored. If only one of the three steps had really worked, North Korea could not have gained access to a bunch of our military secrets.

    Even after North Korea found a weak spot, our military was not even aware of the massive leak for two and half months. That's not all. The military has recently renewed a contract with the same antivirus software company responsible for the hacking due to a lack of budget for computer security.

    But the Ministry of National Defense is not fully awake yet, as clearly seen in the virus infections of the Korea Joint Command Control System (KJCCS) 14 times this year, including during the Ulchi-Freedom Guardian joint drill in August between South Korea and the United States. The system was infected with viruses because military security officials violated basic regulations by connecting it to USBs or external hard drives..."

    http://english.yonhapnews.co.kr/news/2017/10/11/0200000000AEN20171011000800315.html?input=rss

    In light of the above outlined security deficiencies and North Korea's reputation for hacking prowess, this does not appear to have been a fair fight o_O
     
    Last edited: Oct 10, 2017
  9. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,559
    Location:
    The Netherlands
    This is getting ridiculous! How badly are these systems secured? I did read the hackers may have used a backdoor in AV software made by Hauri, similar to how Kaspersky was used to steal info.
     
  10. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,812
    Maybe they wanted N.Korea to think they have the US war plans.
     