Editions

ENGLISH

N. Korean hackers breach government document system developer

한국어

N. Korean hackers breach government document system developer

Posted February. 12, 2025 07:41,

Updated February. 12, 2025 07:41

N. Korean hackers breach government document system developer. February. 12, 2025 07:41. by Kyu-Jin Shin newjin@donga.com.
Hackers suspected to be linked to North Korea have breached the developer of the government document system, prompting an ongoing investigation by intelligence authorities. On-nara is an integrated program used across all government ministries for official document processing, including creation, review, and approval. A significant amount of related data has been reported stolen from the company's servers, which are responsible for its development, construction, and operation.

According to a comprehensive report by The Dong-A Ilbo on Tuesday, authorities detected the hacking incident at Company A, the developer of On-nara, at the end of last year and launched an investigation to assess the extent of the damage. The attack is believed to be the work of North Korea. “It is difficult to confirm‎ the details as the investigation is ongoing,” the National Intelligence Service stated.

Company A specializes in the development, construction, and operation of On-nara. Initially introduced in 2005, the system was upgraded in the late 2010s by integrating the computing environments of various government agencies into a cloud-based platform. This enhancement improved work efficiency and facilitated inter-ministerial collaboration. The integrated system enables ministries to share and approve documents within the government’s internal network while supporting emails, video conferences, State Council materials, and ministry schedules.

North Korea is suspected of hacking Company A to analyze the structure of On-nara, identify the programs used at its inception, and access internal ministry documents.

The attackers likely employed a multi-stage infiltration strategy to reach their target. Concerns are growing that this breach could pose a serious cybersecurity threat, potentially enabling future direct attacks on the government network, paralyzing administrative systems, and exposing sensitive documents.

North Korea has increasingly focused on stealing information by targeting private small and medium-sized enterprises with weaker security, rather than directly infiltrating government agencies or large corporations. A similar case occurred last year when a subcontractor of a major defense company was hacked, resulting in the leak of critical data on South Korea’s key anti-North Korea aerial reconnaissance assets, the Baekdu and Geumgang aircraft. Additionally, a subcontractor producing essential components for major weapon systems—such as armored vehicles, missiles, and radars—suffered significant technology theft.

한국어

Hackers suspected to be linked to North Korea have breached the developer of the government document system, prompting an ongoing investigation by intelligence authorities. On-nara is an integrated program used across all government ministries for official document processing, including creation, review, and approval. A significant amount of related data has been reported stolen from the company's servers, which are responsible for its development, construction, and operation.

According to a comprehensive report by The Dong-A Ilbo on Tuesday, authorities detected the hacking incident at Company A, the developer of On-nara, at the end of last year and launched an investigation to assess the extent of the damage. The attack is believed to be the work of North Korea. “It is difficult to confirm‎ the details as the investigation is ongoing,” the National Intelligence Service stated.

Company A specializes in the development, construction, and operation of On-nara. Initially introduced in 2005, the system was upgraded in the late 2010s by integrating the computing environments of various government agencies into a cloud-based platform. This enhancement improved work efficiency and facilitated inter-ministerial collaboration. The integrated system enables ministries to share and approve documents within the government’s internal network while supporting emails, video conferences, State Council materials, and ministry schedules.

North Korea is suspected of hacking Company A to analyze the structure of On-nara, identify the programs used at its inception, and access internal ministry documents.

The attackers likely employed a multi-stage infiltration strategy to reach their target. Concerns are growing that this breach could pose a serious cybersecurity threat, potentially enabling future direct attacks on the government network, paralyzing administrative systems, and exposing sensitive documents.

North Korea has increasingly focused on stealing information by targeting private small and medium-sized enterprises with weaker security, rather than directly infiltrating government agencies or large corporations. A similar case occurred last year when a subcontractor of a major defense company was hacked, resulting in the leak of critical data on South Korea’s key anti-North Korea aerial reconnaissance assets, the Baekdu and Geumgang aircraft. Additionally, a subcontractor producing essential components for major weapon systems—such as armored vehicles, missiles, and radars—suffered significant technology theft.

Kyu-Jin Shin newjin@donga.com

Headline News

40 universities no longer permit medical students to take a leave of absence

Opinion

About Dong-A Ilbo

Editions