SEOUL (Reuters) - South Korea on Tuesday blamed North Korea for cyberattacks against the country’s nuclear reactor operator last December, based upon investigations into Internet addresses used in the hacking, but Pyongyang denied any involvement.
The conclusion reached by South Korean prosecutors comes less than a week after a hacker believed to be behind the cyberattacks on Korea Hydro and Nuclear Power Co Ltd released more files believed to have been taken in December.
The investigation included last week’s leak of a blueprint and test data.
“The malicious codes used for the nuclear operator hacking were the same in composition and working methods as the so-called ‘kimsuky’ that North Korean hackers use,” a statement from the Seoul central prosecutors’ office said.
Prosecutors said the cyber attacks were made between Dec. 9 and 12 by sending 5,986 phishing emails containing malicious codes to 3,571 employees of the nuclear plant operator.
An article carried by North Korea’s semi-official Uriminzokkiri website said South Korea’s claim was “nonsense” and a “provocation”, repeating past denials of its involvement.
South Korea had previously said it suspected the possible involvement of North Korea in the hacking, and had sought help from Chinese officials after tracing multiple Internet addresses involved to a northeastern Chinese city near North Korea.
Last December, Korea Hydro and Nuclear Power Co Ltd, which runs South Korea’s 23 nuclear reactors, said its computer systems had been hacked but only non-critical data had been stolen. A hacker had at the time demanded the shutdown of three reactors threatening “destruction” in Twitter messages.
More files were posted on Twitter on Thursday with a demand for money and an email address where the hacker said he could be contacted, claiming there had been offers from other countries to buy data related to nuclear power plants.
The December hacking attacks against the unit of state-run utility Korea Electric Power Corp came after the United States accused North Korea of a serious cyberattack on Sony Pictures and vowed to respond proportionately.
North Korea at that time rejected the accusation by the U.S. Federal Bureau of Investigation. The North also denied any role in cyberattacks on South Korea’s nuclear power plant operator, calling the suggestion that it had done so part of a “smear campaign” by South Korean leaders.
Meanwhile, the South Korean government in a separate statement on Tuesday vowed to enhance the country’s cyber security by setting up a special team in charge of cyber defense.
Reporting by Ju-min Park and Meeyoung Cho; Editing by Tony Munroe; and Michael Perry
Our Standards: The Thomson Reuters Trust Principles.