The hack into South Korea’s military internet server several months ago was the work of North Korean agents working in China, investigators announced Tuesday.
Wrapping up a drawn-out probe led by military prosecutors, the Ministry of National Defense added more than two dozen officials here will be disciplined for bungling the response. They include a two-star general leading the South’s Cyber Command.
“The Cyber Command triggered the spread of malicious code, having failed to take timely measures even if they were detected around September last year in a number of PCs connected to the military’s intranet,” the ministry said.
The hacking attacks were disclosed by media in December amid reports that a lot of military data, including some confidential information on the South Korea-U.S. joint operational plan, were leaked.
The ministry refused to confirm related news reports.
It added North Korea was behind the high-profile cyberattack, saying some IPs used were traced to Shenyang, a Chinese city near the border.
The city is known as home to specially trained North Korean hackers reportedly belonging to Bureau 121, the communist nation’s secret cyberunit.
The malicious code found in the incident is similar to that often used by the North’s hackers, the ministry said.
They apparently exploited the vulnerability of a vaccine for the South Korean military’s online networks on the basis of information acquired from the 2015 hacking of a vaccine contract company, it added.
It formally recommended the punishment of 26 military and other officials for their negligence of duty in the process of responding to the cyberattacks and taking follow-up steps.