North Korean-backed hackers linked to attack on Seoul National University Hospital

North Korean-backed cybercriminals are likely behind the hack into Seoul National University Hospital in June, according to a South Korean cybersecurity expert on Thursday. File photo by Keizo Mori / UPI | License photo

July 15 (UPI) – A group of hackers reporting to the General Reconnaissance Office of North Korea is believed to be behind the recent hack into a major hospital in South Korea.

Representative Ha Tae-kyung from the main opposition People Power Party said investigations revealed that the cybercriminal group known as Kimsuky likely hacked into Seoul National University Hospital in June, reported reported the Seoul Economic Daily.

Choi Sang-myeong, a South Korean cybersecurity expert and managing director of Seoul-based Issue Maker Lab, investigated the hack on behalf of Ha’s office.

Choi said his findings indicated malicious code previously used by Kimsuky matched a security threat identified in the hospital breach, according to Chosun Ilbo on Thursday.

Seoul National University Hospital said the cyberattack took place from June 5 to 11. An inactive server and 62 workstations were violated. A total of 6,969 records, many of which are patient records, have been hacked, according to the hospital.

Ha said Thursday that “important medical information on patients may have been transferred to North Korea,” without providing specific details.

The university hospital is one of the main health systems in South Korea. At least one former South Korean president and senior business leaders have received treatment at Seoul National University, according to the Chosun.

Park Won-gon, professor of North Korea studies at Ewha Women’s University in Seoul, told the Seoul Economic Daily that North Korean-affiliated hackers are likely looking for data on COVID-19 vaccines .

Hackers could also seek to do “damage to the South Korean government,” Park said.

Last year, Microsoft said at least nine healthcare organizations, including Pfizer, had been the target of hacking attempts by North Korean-backed organizations.

In December, Kimsuky was linked to a bogus online site designed to deceive workers in the health system at Yonsei University in South Korea.


Comments are closed.