North Korea defector hack: Personal data of almost 1,000 leaked
Almost 1,000 North Korean defectors
have had their personal data leaked after a computer at a South Korean
resettlement centre was hacked, the unification ministry said.
A personal computer at the state-run centre was found to have been “infected with a malicious code”.
The ministry said this is thought to be the first large-scale information leak involving North Korean defectors.
The hackers’ identity and the origin of the cyber-attack is not yet confirmed.
The North Gyeongsang resettlement centre is among 25 institutes the
ministry runs to help an estimated 32,000 defectors adjust to life in
South Korea.
Are defectors’ families in danger?
The
North Korean government does not know the identities of all citizens
who have defected. Some may be considered “missing persons” or they may
have even been registered as dead.
Some 997 North Korean
defectors have now been informed that their names, birth dates and
addresses have been leaked but it is not clear what impact this will
have.
Analysts say there are some concerns that the leak could endanger the defectors’ family members who remain in North Korea.
Sokeel
Park, South Korea Country Director for Liberty in North Korea, an
international NGO that assists North Korean defectors, says this hack
will make other defectors feel less safe living in South Korea. They may
change their names, phone numbers and home addresses.
Investigations
by the unification ministry and the police are currently ongoing, with
the ministry saying it would “do its best to prevent such an incident
from happening again”.
On 19 December, the ministry became aware of the leak after they found a malicious program installed on a desktop at a centre in North Gyeongsang province.
The ministry said that no computers at other Hana (resettlement) centres across the country had been hacked.
One
expert on North Korean cyber-warfare, Simon Choi, believes that this
might not be the first time a Hana centre has been hacked.
“[There
is a North Korean hacking] group [that] mainly targets [the] North
Korean defector community… we are aware that [this group] tried to
hack a Hana centre last year,” he told the BBC.
However, he added that it was not yet clear if any North Korean groups were responsible for the latest attack.
Has North Korea been behind previous attacks?
Cyber-security experts have been warning of the increasing sophistication of hackers from the North for some time.
In
September, US prosecutors charged a North Korean man alleged to have
been involved in creating the malicious software used to cripple the
UK’s National Health Service.
The 2017 incident left NHS staff reverting to pen and paper after being locked out of computer systems.
One
of the most high profile hacks linked to North Korea in recent years
targeted Sony’s entertainment business in 2014 – wiping out massive
amounts of data and leading to the online distribution of emails, and
sensitive personal data.
North Korean state media has also often
threatened to silence defectors in the South who make derogatory
statements about the regime.
Sokeel Park told the BBC that cyber-attacks and phishing attempts on people working on North Korea are a common occurrence.
“They
represent an asymmetric advantage for the North Korean authorities
because attribution for cyber-attacks is so difficult and because the
North Korean government intentionally relies so little on the internet”,
he added.
However, the government in the South has not pointed the finger at North Korea this time.
Comments (0 )