SEOUL--South Korea on Tuesday blamed North Korea for a
cyberattack on nuclear power-plant operator Korea Hydro &
Nuclear Power Co., marking the first online incursion publicly
attributed to Pyongyang since the hacking of Sony Pictures
Entertainment.
South Korean investigators said state-owned Korea Hydro, which
operates the country's 23 nuclear reactors, and its business
partners were targeted in multiple cyberattacks aimed at stealing
internal data that included plant blueprints and employees"
personal information.
South Korea's nuclear-plant management wasn't compromised in the
attacks and no critical data was disclosed, the investigators said.
A series of "spear-phishing" emails aimed at stealing passwords and
obtaining remote control access of computers were largely
unsuccessful, they added.
A Korea Hydro spokeswoman declined to comment, saying the firm
wasn't participating in the investigation.
A Twitter account holder in December posted Internet links to
Korea Hydro's internal-data archives and issued various demands to
prevent further leaks, the investigators said.
Investigators said they traced the intrusions back to Internet
addresses registered by North Korea. The spear-phishing virus that
investigators said was used in the attack, named "kimsuky," was
previously identified by cybersecurity experts as created in North
Korea. The related tweets were posted through servers in Shenyang,
in China's northeast, and Vladivostok, Russia, they said.
Pyongyang's state newspaper in late December denied involvement
in the cyberattacks, calling such accusations a ploy to escalate
inter-Korean tension.
Tuesday's statement was the first time South Korea had publicly
attributed the cyberattacks to North Korea.
In the highest-profile cyberattack to date blamed on Pyongyang,
private data from Sony Pictures in late November were released
online, exposing employees' personal information and email
exchanges. A threat posted online and linked to the hackers
demanded the studio's cancellation of a film that lampooned North
Korea's leader, Kim Jong Un.
The U.S. Federal Bureau of Investigation has said malware found
on Sony computers share codes from others previously used by North
Korean suspects. North Korea has denied responsibility.
Write to Jeyup S. Kwaak at jeyup.kwaak@wsj.com
Access Investor Kit for Sony Corp.
Visit
http://www.companyspotlight.com/partner?cp_code=P479&isin=JP3435000009
Access Investor Kit for Korea Electric Power Corp.
Visit
http://www.companyspotlight.com/partner?cp_code=P479&isin=KR7015760002
Access Investor Kit for Korea Electric Power Corp.
Visit
http://www.companyspotlight.com/partner?cp_code=P479&isin=US5006311063
Access Investor Kit for Sony Corp.
Visit
http://www.companyspotlight.com/partner?cp_code=P479&isin=US8356993076
Subscribe to WSJ: http://online.wsj.com?mod=djnwires