The computer server of one of Seoul City’s subway operators was found to have been hacked last year, allegedly by North Korea, though little damage has been confirmed, officials said Monday.
According to Saenuri Party Rep. Ha Tae-keung quoting the National Intelligence Service’s report, two servers in charge of managing the PCs of Seoul Metro were hacked in July last year, allowing unauthorized access to 213 company computers. Of them, 58 were found have to been infected with a malicious code, resulting in the leak of 12 work documents.
The NIS concluded that the hacking was conducted by the Advanced Persistent Threat, the same attack method used in the hacking of major broadcasters and banks in Seoul in March 2013. Pyongyang was suspected to have been the culprit then.
The NIS, however, said it could not find the first point of hacking and the source of the code, citing insufficient log files, officials said.
Seoul Metro said the leaked documents were not security-sensitive but related to human resources and internal management of the state-owned company. Seoul Metro is in charge of running Subway Line Nos. 1-4.
Seoul Metro also stressed that the hacking did not affect subway safety as the central control system is run separately in an enclosed type of network server.
As part of the efforts to improve the server safety, Seoul Metro formatted all PCs last year and strengthened the security measures.
Seoul Metro has seen a rise in cyberattacks in recent years. As of last month, over 350,000 cases were confirmed this year, which is nearly equivalent to last year’s total figure, Seoul officials said.
By Lee Hyun-jeong (firstname.lastname@example.org)