South Korea Security Crisis: How Kimsuky Hackers Breached Government Systems

South Korea has significantly tightened its cybersecurity protocols after detecting unauthorized access to government systems. The breach involved hackers from the North Korean group Kimsuky penetrating the Onnara administrative platform through government VPN connections. Multiple ministries and major companies including Kakao and Naver were targeted in the sophisticated attack. Security officials are now implementing biometric authentication and additional verification measures to prevent future intrusions.

Key Points: South Korea Tightens Security After Government Platform Hacking

  • North Korean hacking group Kimsuky targeted government ministries and major corporations
  • Hackers accessed Onnara government platform through VPN connection
  • 650 officials' authentication certificates were compromised in security breach
  • New biometric authentication system will replace current GPKI certificates
  • Extra security measures implemented for remote work VPN access

South Korea tightens security measures after detecting signs of hacking

South Korea boosts security measures after detecting North Korean hacking group Kimsuky breached government systems and major companies through VPN access.

Seoul, October 19

The interior ministry of South Korea said on Friday that it has strengthened security measures for online systems of the government, after detecting signs of hacking of the government's administration platform, Yonhap news agency reported.

According to Yonhap, the move comes after Phrack, an online cybersecurity publication, reported that in August this year, South Korean government branches and companies appeared to have been targeted by hackers.

Phrack had earlier reported that the North Korean hacking group Kimsuky was behind the attack.

According to the Yonhap report, signs of hacking were detected in the interior and foreign ministries, the military, the prosecution, as well as major companies, including Kakao Corp., Naver Corp., KT Corp. and LG Uplus Corp.

"In mid-July, (we) confirmed signs through the National Intelligence Service (NIS) that an external internet PC accessed the Onnara system via the Government-Virtual Private Network (G-VPN)," the ministry said as reported by Yonhap.

It further noted that the Onnara system is the government's online work platform, which manages official documents and handles internal workflow.

As per Yonhap, the ministry said it strengthened security measures in response by requiring officials to go through extra authentication procedures when connecting to G-VPN for remote work.

The ministry also said that government public key infrastructure (GPKI) certificates of 650 officials were presumed to have been targeted. GPKI certificates are used by public officials for authentication.

While most of the certificates had expired, the three that remained valid were scrapped as of August 13.

As per Yonhap, the ministry said it plans to replace the GPKI-based authentication system with a biometric system when public officials access the government's internal administrative system.

Yonhap said that officials suspected the certificate information was leaked due to user carelessness.

- ANI

Reader Comments

Rohit P
North Korean hackers again! This shows how important it is for countries to work together against cyber threats. India should also strengthen its digital defense systems. The biometric authentication move is a good step.
Aditya G
User carelessness is often the weakest link in security. In India too, many government officials don't take cybersecurity seriously enough. Proper training and awareness programs are a must! 🔐
Sarah B
As someone working in IT security, I appreciate South Korea's proactive approach. Detecting the breach and taking immediate action shows good cyber hygiene. Other nations should learn from this response protocol.
Karthik V
While the security measures are necessary, I hope they don't make the system so complicated that it affects government work efficiency. Balance is key - security shouldn't come at the cost of productivity.
Meera T
This incident highlights why India's push for digital sovereignty and indigenous technology is so important. We can't rely on foreign systems for critical infrastructure. Atmanirbhar Bharat in cybersecurity is the need of the hour! 💪
