North Korea hackers target South's nuclear think-tank in latest hit

SEOUL • A North Korean hacking group known as Kimsuky broke into the network of the South's state-run nuclear think-tank last month, the latest in a series of cyber attacks by the North, a lawmaker in Seoul said yesterday.

The breach of the Korea Atomic Energy Research Institute (Kaeri) took place on May 14, and it involved 13 Internet addresses including one traced to Kimsuky, said Dr Ha Tae-keung, a member of the parliamentary intelligence committee, citing an analysis by Seoul-based cyber-security firm IssueMakersLab.

Kimsuky, which is affiliated to North Korea's Reconnaissance General Bureau spy agency, previously targeted South Korean Covid-19 vaccine developers and a state-run nuclear reactor operator, among others.

"The incident could pose serious security risks if any core information was leaked to North Korea, as Kaeri is the country's largest think-tank studying nuclear technology including reactors and fuel rods," Dr Ha said in a statement.

A Kaeri official said the institute reported the intrusion to the government after discovering it on May 31, and an investigation was being carried out. An official at the science and technology ministry, which is leading the investigation, said it had not found evidence to determine that North Korea was behind the hack.

Dr Simon Choi, head of IssueMakersLab, said Kimsuky had long been seeking access to South Korean government and legislative agencies and educational institutes. "We've been tracing their activity and such attempts happen on a daily basis," Dr Choi told Reuters. "But this case caught our attention given the sensitivity of the think-tank's work."

Seoul has accused Pyongyang of a string of cyber attacks, including on multiple banks in 2011, a state-run nuclear reactor operator in 2015 and the defence ministry in 2016.

In November, South Korean lawmakers said the intelligence agency had foiled North Korean attempts to hack into companies developing coronavirus vaccines.

REUTERS