Korean officials confirmed that an investigation has been launched after South Korean shipbuilder Daewoo Shipbuilding & Marine Engineering Co. reported finding evidence that hackers had attempted to breach the company’s computer systems.
The news that the shipbuilder’s computers may have been attacked again comes as speculation in South Korea that cyberattacks from North Korea are possible.
There has been speculation in the past that DSME was one of the targets and last week HMM, the country’s largest shipping company, reported that its email systems had been taken down by hackers.
“The company (DSME) reported the case to the police,” a spokesman for South Korea’s Defense Acquisition Program Administration (DAPA) said during a Defense Ministry briefing, according to Yonhap news agency. “Police and related military agencies are investigating the case.”
Government officials declined to provide additional details on the scope or timing of the attack or whether the cybercriminals had been able to breach any of the company’s systems.
However, Yonhap reports that government spokesmen denied media speculation that North Korean agents were seeking information related to the South’s nuclear submarine program. An opposition party politician last week accused the government of covering up a recent cyberattack against the Korea Atomic Energy Research Institute (KAERI).
The current reports are eerily similar to those of 2017, when news leaked that North Korean agents had hacked into Daewoo’s computers and stolen blueprints for the South’s submarines. That time, another opposition political leader told Reuters that the Defense Ministry had discovered the attack by informing Daewoo. In that case, they reported that they were almost certain that the cybercriminals had stolen sensitive material about warships, including the plans. The style of the attack was similar to other known North Korean efforts. Last week, HMM warned its customers that its email systems had been attacked and were briefly out of service.
The company said it was able to recover its email in most areas, except parts of Asia, within days. However, customers were warned to use other forms of communication if they had problems contacting local agents or contacting the head office. HMM said it believed that no sensitive data had been accessed and that it had been able to limit the scope of the attack.