South Korea’s People Power Party (PPP) has demanded that a new cybersecurity law be enacted after several recent breaches of military and intelligence data.
The party of President Yoon Suk-yeol said in a statement that key information on Seoul’s main battle tank the K2 had been leaked, and that technical data on reconnaissance aircraft “Baekdu” and “Geumgang” were hacked by North Korea.
“There is an increasing possibility that North Korea will use our stolen technology to evade surveillance by our military,” the statement continued.
“Just as important as developing cutting-edge technologies is protecting them. We can no longer delay taking essential measures to protect national security and the safety of our people.”
According to local reports, Pyongyang hackers targeted a subcontractor responsible for producing operation and maintenance manuals for the aircraft. It appears to be a new tactic to go after smaller companies working for state procurement agency the Defense Acquisition Program Administration (DAPA).
In response, the PPP wants to enact a Basic Cybersecurity Law, expand the scope of existing espionage laws to “foreign countries” and punish industrial spies who leak military technology.
It’s believed that the K2 plans were leaked by workers at a contractor in exchange for payment.
North Korea’s cyber-espionage posture is increasingly aggressive. Last month, a join advisory from the UK, US and South Korean governments claimed a state-backed threat group, Andariel, had compromised critical national infrastructure (CNI) organizations to access classified technical information and intellectual property.
Organizations operating in the defense, aerospace, energy, nuclear and engineering sectors were targeted for information including contract specifications, design drawings and project details.
“The global cyber-espionage operation that we have exposed today shows the lengths that DPRK state-sponsored actors are willing to go to pursue their military and nuclear programs,” said National Cyber Security Centre (NCSC) director of operations, Paul Chichester.