[Asia Economy Reporter Choi Seok-jin] The government lost a lawsuit seeking damages from domestic companies related to the hacking incident of North Korea's defense computer network that occurred in 2016.
The Seoul Central District Court Civil Division 16 (Presiding Judge Im Ki-hwan) ruled on the 27th that the plaintiff lost the lawsuit in which the government sought 5 billion KRW in damages from company L, the contractor for the military computer network, and company H, the supplier of antivirus software.
In September 2016, the defense network was hacked by a North Korean hacker group, resulting in the leakage of operational documents and numerous military materials.
At that time, the hackers infiltrated the Defense Integrated Data Center (DIDC), where information from the Army, Navy, and Air Force converges, and spread malware to defense network servers and PCs through a mixed connection point of the internal defense network and the external internet network.
The military prosecution concluded that a group presumed to be from North Korea hacked the antivirus supplier, collected and analyzed information such as certificates and antivirus source codes, and then infiltrated the Ministry of National Defense's internet antivirus relay server.
The basis for presuming North Korea's involvement was that some of the IPs used in the attack on the defense network were from the Shenyang area in China, previously used by North Korean hackers, and that the malware analysis showed patterns similar to those used by existing North Korean hackers.
Subsequently, the government filed a lawsuit in October 2017 seeking a total of 5 billion KRW, claiming that companies L and H did not separate the construction of the defense network and the external internet network, connecting and mixing the two servers, and that they failed to report the hacking incident by North Korean hackers despite being notified by the Cyber Safety Bureau of the National Police Agency.
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
