North Korea is suspected of hacking the developer of On-Nara, South Korea’s government-wide electronic document management system. While intelligence authorities are investigating the incident, they have not disclosed specific details.
On Wednesday, Korea’s National Intelligence Service (NIS) stated, “We cannot confirm details at this time as the matter is currently under investigation.” Late last year, the authorities detected a breach at the company of On-Nara developer. They have since started investigating the scope of the damage, believed to have been caused by North Korean hackers.
On-Nara is an integrated document creation, review, and approval platform across all government agencies. Reports suggest that a substantial amount of data was exfiltrated from the company servers responsible for its development, implementation, and maintenance.
While North Korea has a history of persistent cyber attacks against South Korean government agencies and large corporations, recent intelligence suggests that it is now targeting smaller private companies with relatively weak cybersecurity measures as a backdoor to access valuable information. In a notable incident last year, a subcontractor for a major defense firm was hacked, resulting in the theft of critical data related to the Baekdu and Geumgang surveillance aircraft, the South Korean military’s key aerial reconnaissance assets designed to monitor North Korea.