North Korean Hackers Steal Warship Plans from DSME

South Korean Aegis destroyer DDG-992, Yulgok Yi I, November 2008 (KDN)

Published Nov 1, 2017 8:09 PM by The Maritime Executive

On October 31, South Korean lawmaker Kyung Dae-soo alleged that North Korean hackers penetrated computer systems at Daewoo Shipbuilding & Marine Engineering (DSME) and made off with confidential information on warships and submarines. The ships affected may include the destroyer Yulgok Yi I – a vessel that carries the U.S. Navy's Aegis Combat System.

According to South Korean outlet Dong-A Ilbo, about 60 classified military documents were among the 40,000 stolen from the world’s biggest shipbuilder. The documents contained information on construction technology, blueprints, weapons systems and evaluations of the ships and submarines.

Kyung Dae-soo told Reuters that "we are almost 100 percent certain" that North Korean hackers were behind the cyberattack. Military officials have confirmed the source by analyzing the hacking technique, IP addresses and network activity logs. 

It would not be the first time that North Korea has successfully stolen secrets from South Korea. Pyongyang was allegedly behind an attack on South Korea's military networks last year that resulted in the theft of 235 gigabytes of data. That attack exposed at least three secret plans, including the details of a potential "decapitation strike" operation that would target Kim Jong Un in the event of a conflict. South Korea's government asserts that the North maintains an army of nearly 7,000 hackers for its cyberwarfare operations. 

The UK has also recently alleged that North Korean hackers were behind the infamous "WannaCry" ransomware attack in May 2017, which took down computers in Britain's National Health Service for days, resulting in 19,000 lost patient appointments. A North Korean spokesman described the allegations as a "wicked attempt" to justify further economic sanctions on Pyongyang.