South Korea's nuclear energy research institute was attacked by hackers who according to reports are linked to the North Korean regime. The attack was identified more than a month ago but its existence was only reported last Thursday by the South Korean media.
According to a report by the Korea Times, thirteen unauthorized IP addresses were identified in the internal system of the Korea Atomic Energy Research Institute (KAERI). According to cyber defense company IssueMakersLab, based in Seoul, some of the addresses are linked to the server of "kimusky", which analysts have attributed to a group of state-backed North Korean hackers. It is estimated that the group tried to breach servers of companies developing COVID-19 vaccines last year.
"If the state's key technologies on nuclear energy have been leaked to North Korea, it could be the country's biggest security breach, almost the same level as a hacking attack by the North into the defense ministry in 2016," said South Korean opposition lawmaker Ha Tae-kyung.
The institute itself initially denied the reports about the attack that started to emerge earlier this month, but last week it apologized for the denial and announced that an attack had indeed been carried out, but that the investigation of who is behind the attack, what information the attackers tried to access, and whether they succeeded in stealing any information is still underway. The National Intelligence Service also said it is investigating the incident.