According to a statement from the Supreme Prosecutors' Office, from January to June a "suspected North Korea-operated group" tried to hack about 90 email accounts, including those of officers belonging to the unification, foreign and defense ministries. The statement reported that "The passwords of 56 accounts were stolen."
In January, the culprits operated 27 phishing sites posing as legitimate sites like South Korea’s Naver and Google, along with university and government sites, in order to obtain the passwords. Prosecutors indicated that the same codes used in this hack were used in previous breaches North Korea committed against South Korea. There’s also an ongoing investigation into whether confidential information was leaked.
This incidents comes only days after after South Korean police accused North Korea of stealing the personal data of over 10 million customers at Interpark, a South Korean online shopping center. Interpark didn’t know about the attack until July 11 when they received blackmail threats that they would publish the private information unless they were paid the equivalent of around $2.7 million.
The Reconnaissance General Bureau, one of DPRK’s main spy agencies, is suspected of organizing the cyber attack, according to the National Police Agency. The backdrop of this hack is escalating tensions on the Korean peninsula ever since North Korea conducted its fourth nuclear test in January, along with ballistic missile tests.
The United Nations has put the DPRK under strict sanctions for this, on top of sanctions coming from nations like South Korea, Japan and the US.Seoul has blamed North Korea for a number of hacks in recent years against banks, state agencies, military institutions, media websites, a nuclear power plant and TV broadcasters.
According to South Korean spy agencies, the DPRK currently operates a battalion of over 1,000 hackers that target the South’s officials or important institutions.