Go to contents

Seoul Metro allegedly being hacked by North Korea

Posted October. 06, 2015 07:20,   


It was revealed that a North Korean cyber terrorist group is suspected to have hacked into Seoul Metro`s PC management server, taking control for at least six months. The subway operator runs Seoul metro lines 1 to 4. According to a report submitted to Saenuri Party Rep. Ha Tae-keung by Seoul Metro, operating servers of the company`s PC management program were hacked in July last year, allowing 58 computers of the control tower to be infected with malware. The National Intelligence Service confirmed that the same tools were used as the 2013 cyber attacks of broadcasting stations and financial institutions conducted by the North, but failed to identify the exact time of attack due to lack of log management system of the subway operator.

However, Seoul Metro`s reaction to the situation remains complacent as it claims, "We have no problem in operating trains as the control system is a closed network separate from the office network system." The organization had already shown its conceit when 93 cases of vulnerability were detected in its self security checks in March last year, by saying, "The system managing trains is a closed network which cannot be invaded by outside attacks." Seoul Metro is Korea`s largest subway operator, which carries 4.2 million passengers each day. It is horrendous to even imagine what chaos a cyber attack causing collisions among trains using stolen information will bring about to the nation.

In fact, there have already been a series of subway accidents including the colliding of two trains at Sangwangsimni station on subway line 2 injuring 230 people April last year, which is also run by Seoul Metro. We cannot rule out the possibility of a massive scale accident taking place if the servers are susceptible to outside invasion. North Korea`s cyber attacks have mainly targeted at national infrastructure such as nuclear power plants, subways, and railroads. If such attempts are gone untouched, South Korea could experience what Iran did in the 2010 Stuxnet attack, which brought huge damages to its nuclear plant. Yet, the cyber terrorism control tower of the South Korean government is not working properly.

The North usually carries out its cyber terrorism disguising as Chinese hackers. In order to deter Pyongyang`s cybercrime, Seoul should join the Budapest Convention on Cybercrime sooner than later as well as strengthening its national cyber security. When joining the Convention, Korea can establish a hotline among members, enabling joint actions against cybercrimes. China will not be able to find an excuse to refuse requests for a coordinated investigation after South Korea becomes a member.