backtop

Science Hackers Steal South Korean War Plans
Ariel Kornblum (Blog) - December 25, 2009 11:45 AM
Print 43 comment(s) - last by phubai.. on Dec 30 at 10:07 AM
Unknown attacker hacks into a laptop containing classified intelligence

While South Korea has faced many cyberwarfare attacks in the past, the most recent attack has been successful in extracting classified intelligence.

South Korea announced on December 18 that it was investigating a hacking attack that netted secret defense plans with the United States and may have been carried out by North Korea.

The suspected hacking occurred late last month when a South Korean officer failed to remove a USB device when he switched a military computer from a restricted-access intranet to the Internet.

The plans are said to include an out­line of Seoul’s and Washington’s strat­egy in the event of war on the Korean Peninsula housed in an 11-page document called OPLAN 5027 used to brief military officials. 

This doc­u­ment included details of mil­i­tary oper­a­tions involv­ing South Korean and U.S. troops should North Korea con­duct a pre-emptive strike or attempt to invade South Korea. One source stated that the doc­u­ment included details about the 700,000 US troops that would be used in the event of a full-scale war. It is also thought to include a list of tar­gets in North Korea.  

"Eleven pages of Powerpoint slides explaining the war plan for visiting military officers have been hacked, not the whole content of the contingency plan," a South Korean military official was quoted as saying.

Sources close to the event say that the sys­tems secu­rity soft­ware should have issued a warn­ing mes­sage if an exter­nal mem­ory device is inserted into a mil­i­tary com­puter, but hack­ers may have been able to steal the mil­i­tary secrets because a mil­i­tary offi­cer neglected these warn­ing mes­sages and broke regulations.

Comments     Threshold


This article is over a month old, voting and posting comments is disabled
Organized hacking
By mahax on 12/26/2009 7:49:42 AM , Rating: 3
I think any organized hackers like this must have agents in the real world tracking down people of interest and using various methods to spy, hussle etc. the opposition. The strong cyber attack is then only the tip of the blade.

I'm not sure if this was genuine tough, could be just propaganda. I mean 700 000 soldiers?




RE: Organized hacking
By Master Kenobi (blog) on 12/26/2009 9:49:48 AM , Rating: 2
Sounds about right. In a full scale war the US can move nearly 2 million men. 700,000 would be largely the army with the other branches kicking in maybe 100k each.


RE: Organized hacking
By Chillin1248 on 12/26/2009 11:03:58 AM , Rating: 2
Indeed.

Consider also that the 700,000 number also refers to support personel, which usually make up the bulk of any military force. And with the average of between 7-12 support personel for each combat soldier, the number of combat divisions that would be mobilized is actually quite small.

-------
Chillin


RE: Organized hacking
By Master Kenobi (blog) on 12/26/2009 1:26:31 PM , Rating: 2
I'm in the US Army ;)


RE: Organized hacking
By Chillin1248 on 12/26/2009 1:58:04 PM , Rating: 2
I'm in the Israeli, so we both know how bloated most armies are. :)

-------
Chillin


RE: Organized hacking
By Master Kenobi (blog) on 12/27/2009 10:29:24 AM , Rating: 2
True that!


RE: Organized hacking
By just4U on 12/28/2009 3:30:14 AM , Rating: 2
It still seems more like a propaganda piece then anything else.. Do you think that's unlikely?


RE: Organized hacking
By Master Kenobi (blog) on 12/28/2009 3:43:28 AM , Rating: 2
Well, I have no doubt at this point if it wasn't it has been turned into that. Regardless though, how much information do you really think could be stored in a dozen or so powerpoint slides? Exactly. If you've ever seen a government or military powerpoint you would know that it is little more than bullet points and some pictures usually, no real substantial information. That sort of info is printed off on a sheet the presenter is holding in his hand, in case he decides to deviate or not disclose something, it is not noticeable to those viewing the slideshow.


RE: Organized hacking
By AstroGuardian on 12/28/2009 4:30:07 AM , Rating: 1
I thought that confidential documents are not created using Microsoft Office. Come on, shouldn't the Army develop it's own software not compatible with foreign software and decrease the chance for compromising?


RE: Organized hacking
By Master Kenobi (blog) on 12/28/2009 8:00:24 PM , Rating: 2
Documents are almost always created using Microsoft Office. It is not cost effective to develop different software and formats. It is much cheaper to secure the information on an isolated network or in an encrypted format. The fact that so little information exists on this leak leads me to believe the file in question was of little value. It was likely just a FOUO document and considered "sensitive" but not classified.


RE: Organized hacking
By jimbojimbo on 12/28/2009 2:40:17 PM , Rating: 2
Oh how you are mistaken. They put a lot of info in PPT slides, like numbers, origination, destination, and timing.


RE: Organized hacking
By DarkElfa on 12/28/2009 3:36:45 PM , Rating: 3
North Korea has computers?


RE: Organized hacking
By Master Kenobi (blog) on 12/28/2009 8:01:27 PM , Rating: 2
I'm guessing you don't see many military/govt slideshows. Death by powerpoint is extremely common, for this one to be so small is unusual to say the least.


RE: Organized hacking
By Reclaimer77 on 12/28/2009 9:53:35 AM , Rating: 4
quote:
One source stated that the doc­u­ment included details about the 700,000 US troops that would be used in the event of a full-scale war.


Lol with THIS President ??

First he would tell the general actually IN the warzone that he needs to weigh all the options and talk to his advisers. Then he would hold 3 summits on the political climate of the region, because lord knows you can't commit troops until politics is discussed. Then he would make 5 speeches in as many states before flying back and holding another "summit".

Two months later you would get 75,000 troops, maybe.


RE: Organized hacking
By PitViper007 on 12/28/2009 11:27:56 AM , Rating: 2
Double the time and it's about right.


RE: Organized hacking
By jimbojimbo on 12/28/2009 2:41:38 PM , Rating: 3
And Gore would blame North Korea's attack on global warming.


RE: Organized hacking
By Ammohunt on 12/28/2009 4:02:20 PM , Rating: 2
and add about half a dozen peace vigils....


RE: Organized hacking
By AstroGuardian on 12/28/2009 4:26:53 AM , Rating: 2
Good thinking


RE: Organized hacking
By fox12789 on 12/30/2009 9:30:19 AM , Rating: 2
http://www.brand-bar.com
sneaker: airmax 90, 95 etc $35-42 free shiping.
boots: UGG etc $60 free shiping.
Jeans : polo etc $35-49 free shipping
T-shirts : A&f etc $12-18 free shipping.
hoodies: 5ive etc $28-40 free shipping
handbags: Ed hardy etc $35-68 free shipping
Sunglasses: LV etc $17 free shipping
Belts: BOSS etc $15 free shipping
Caps: red bull etc $12-15 free shipping
Watches:rolex etc $80 free shipping
http://www.brand-bar.com


RE: Organized hacking
By fox12789 on 12/30/2009 9:31:19 AM , Rating: 2
http://www.brand-bar.com
sneaker: airmax 90, 95 etc $35-42 free shiping.
boots: UGG etc $60 free shiping.
Jeans : polo etc $35-49 free shipping
T-shirts : A&f etc $12-18 free shipping.
hoodies: 5ive etc $28-40 free shipping
handbags: Ed hardy etc $35-68 free shipping
Sunglasses: LV etc $17 free shipping
Belts: BOSS etc $15 free shipping
Caps: red bull etc $12-15 free shipping
Watches:rolex etc $80 free shipping
http://www.brand-bar.com


RE: Organized hacking
By fox12789 on 12/30/2009 9:34:43 AM , Rating: 2
http://www.brand-bar.com
sneaker: airmax 90, 95 etc $35-42 free shiping.
boots: UGG etc $60 free shiping.
Jeans : polo etc $35-49 free shipping
T-shirts : A&f etc $12-18 free shipping.
hoodies: 5ive etc $28-40 free shipping
handbags: Ed hardy etc $35-68 free shipping
Sunglasses: LV etc $17 free shipping
Belts: BOSS etc $15 free shipping
Caps: red bull etc $12-15 free shipping
Watches:rolex etc $80 free shipping
http://www.brand-bar.com


This story....
By Fox5 on 12/25/2009 5:35:34 PM , Rating: 3
This story makes no sense.
So he switched a computer, still on a military network, onto the Internet, and somehow it was miraculously hacked? What kind of weak security do they have? That basically implies that every system they have connected to the Internet is easily compromised, don't they even have some basic firewalls or file access rules?
I mean, I guess 11 slides of a Powerpoint (lol) shouldn't be particularly damaging, but still. This stinks of either an inside job, or SK purposefully leaking misinformation, I can't believe their network security is that incompetent. Geez, how long was that flash drive left in the computer, and how do they even know information was stolen from it?




RE: This story....
By Treckin on 12/25/2009 6:43:51 PM , Rating: 5
I think that the point is, for these officials, to release exactly or in step-by-step fashion the procedures for detecting when a military PC goes public would be to invite exponentially more trouble then this single PP project hack was.

My guess is a trojan or whatever signaled a malicious party the moment that the laptop went live on the internet. And by the way, simple firewalls and anti-virus clients are basically CRAP against even a meager effort which is well-prepared.

The thing I dont get is that the worm must have been smart to when the PC had a removable disk... This would seem to imply that the attacking party was willing to wait possibly an indefinite amount of time, or that the attacking party has this snooping prog. installed on many laptops, and this was a blind-lucky hit.


RE: This story....
By StevoLincolnite on 12/25/2009 7:36:15 PM , Rating: 3
quote:
So he switched a computer, still on a military network, onto the Internet, and somehow it was miraculously hacked? What kind of weak security do they have?


Not only that, but there is literally Billions of Internet connected devices accessing the internet, how does a single guy with a single laptop get single out so easily and quickly? Do hackers "Google" for Military based computers or something?


RE: This story....
By Iketh on 12/25/2009 9:45:58 PM , Rating: 2
Quite obvious to me that this illustrates the magnitude of hackers constantly ready to strike at a new node connecting to a network they're monitoring.

It's not like this computer was incredibly unlucky. There are hackers constantly screening for opportunities just like this and take full advantage when they occur.


RE: This story....
By drycrust3 on 12/26/2009 1:39:09 PM , Rating: 2
quote:
neglected these warn­ing mes­sages and broke regulations

Why does this sound like it was a daily occurrence and "everyone was doing it"? Aren't they technically still at war?

I have to agree with you, this doesn't make much sense. It does sound a lot like he was running one of the Windows operating systems because they mention "Powerpoint" (which is both a trade name as well as a generic term for ... a powerpoint) and "sys­tems secu­rity soft­ware". Of course, one could easily argue that since I haven't used either Vista or Windows 7 I don't know what I'm talking about, which is very true. I'm just going on hearsay evidence on various internet platforms such as this one.
I would have thought something like a Linux type operating system would have been more appropriate ... although they would have lost face at every seminar by using the mostly compatible OpenOffice suite instead of the genuine Microsoft Powerpoint.
What I find interesting is this timing seems to be very specific: Officer plugs in flash drive, disconnects from Intranet, connects to internet, and THEN the computer is hacked.
To me the whole thing smacks of either some sort of virus on the flash drive or the computer was accessed wirelessly (excuse the terrible adverb) e.g by Bluetooth or one of those cellphone dongles (which may well have been the "USB device"), but in either case one would have to believe all the files on the computer were compromised.

Of course, there is a third alternative, but they definitely won't like this: the hacker had accessed the computer from the intranet and was interrupted during the copying of the several Gigs of files on the flash drive by the officer disconnecting from intranet.


RE: This story....
By Hakuryu on 12/26/2009 5:39:52 PM , Rating: 1
You are right, this makes no sense.

He switched from an intranet onto the internet, so in order for his laptop to have the stolen information, didn't it have to be on his laptop since the intranet connection was terminated? I would assume downloading sensitive information to a laptop would be against regulations.

Then there is the USB device. How does that fit in? Perhaps it was a dongle that allowed his laptop to connect to the intranet, and if left in when he went on the internet, someone was able to read the dongle information and create a virtual one, that they then used to connect to the intranet and steal data?


Ok 1st of all
By BruceLeet on 12/25/2009 5:12:54 PM , Rating: 3
Who the hell is Ariel Chillinclum

Secondly, Merry Christmas

This is a neat story, think tank thing?




RE: Ok 1st of all
By SSDMaster on 12/25/2009 5:25:06 PM , Rating: 1
Does this mean Jason Mick is fired????
Awesome Article.


RE: Ok 1st of all
By Chillin1248 on 12/25/2009 7:49:49 PM , Rating: 5
Hello,

I am a visiting writer here at DailyTech and usually related to defense related news.

And Merry Christmas to you too.

-------
Chillin


finds them very simple
By mforce on 12/25/09, Rating: 0
RE: finds them very simple
By Flunk on 12/25/2009 10:06:46 PM , Rating: 2
Hey, everyone knows bloggers can withstand nuclear blasts. They're like cockroaches.


RE: finds them very simple
By psychmike on 12/26/2009 9:40:55 AM , Rating: 3
Whatever your views of their government, the people who live under that regime have very little say in how their society is run. The fact that you express such a simple and disdainful view of other people says a lot more about you than the people you characterize as evil.

I have you never encounter the misfortune that you so casually wish upon others.


lack of non-security
By KamiXkaze on 12/25/2009 6:45:25 PM , Rating: 2
Talk about true lack of security a external device like a thumb drive lol.




RE: lack of non-security
By KamiXkaze on 12/25/2009 7:29:02 PM , Rating: 2
I stand corrected USB device so it could be any type sorry.

kXk


Here's the plan!
By jonmcc33 on 12/27/2009 1:16:45 PM , Rating: 2
They are going to get all North Korean soldiers drunk with soju and seduce them with juicy girls!

Note: Anyone that has been to South Korea will know what I am talking about.




RE: Here's the plan!
By marvdmartian on 12/29/2009 11:43:35 AM , Rating: 2
My question is, why do they need an 11 page power point presentation?

Page 1. Call US president, demand immediate defeat of NK military by overwhelming US response.

Page 2. Call UN, demand immediate defeat of NK military by overwhelming UN response.

Page 3. Whine endlessly about imperialist NK government.

Simple!!


Which ones?
By HostileEffect on 12/26/2009 12:16:35 AM , Rating: 2
Why monitor everyone when you can single out the cities with Military bases?




RoK giving cred to the hacker
By VultureTX on 12/27/2009 8:35:55 AM , Rating: 2
and thus the "stolen Top Secret powerpoint" so that the DPRK and "Little Il" will take it seriously?

/Diplomacy by other means




By notty22 on 12/27/2009 2:53:12 PM , Rating: 2
Its been officially announced by the US intelligence agencies that spies leave these drives everywhere, coffee shops, on the ground. Around military bases. Even at your local electronics store, they infect what appears to be "new" drives through one scheme or another. Its why on military bases not one is allowed anywhere.




By PAPutzback on 12/28/2009 9:36:57 AM , Rating: 2
Do you really think any military out there doesn't know what their vulnerable points are or high risk targets are.

It is like any RTS game. Destroy resources first, then cut off supply lines and then you finish up with a the ground war.

Check out Sun Tzu's "Art of War" it is in the library of every officer.




Great...
By phubai on 12/30/2009 10:07:22 AM , Rating: 2
...another Powerpoint...nobody will look at it anyway.




Sounds like April Fools
By gfredsen on 12/25/09, Rating: -1
"Folks that want porn can buy an Android phone." -- Steve Jobs











botimage
Copyright 2012 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki