North Korean hackers have reportedly accessed secretive war-plans drawn up by South Korea and the United States, detailing how the allied military forces would respond to the outbreak of war in the region – including first strike targets and troop deployments.
The plans, dubbed OPlan 5027, reportedly leaked in a significant mid-2016 intrusion at the "cyber nerve centre" of South Korea's defence system, the Defense Integrated Data Centre. Previously, defence officials played down the incident but admitted some material was stolen.
Speaking to South Korean newspaper Chosun Ilbo, one government source said 40 people have been questioned over the incident. Another source, from inside the Defense Ministry, claimed hackers accessed "portions of the plan" but not the full document.
OPlan 5027 was produced in the late-1970s and has been updated every two years since 1994. A recent successor, OPlan 5015, was drawn up in 2015 that included a more aggressive stance on targeting potential nuclear delivery systems.
According to Chosun Ilbo, military officials are now discussing whether the military plans should be altered now the reclusive nation of North Korea has accessed it. The past few months have been marked by a spike in missile launches from its trigger-happy ruling family.
As previously reported, South Korean Defense Ministry officials admitted last year that roughly 2,000 internet-connected computers and 700 intranet-connected computers were infected with malware known to be used by the North's China-based hacking teams.
At the time, the main line was that "some military files" were accessed – but this has now escalated. Speaking to Joongang Daily, an anonymous military source said: "A total of 5,000 computers or more turned out to have fallen victim to the malware."
"We've detected signs of infiltration in the computer networks of the ROK-US Combined Forces Command and the Joint Chiefs of Staff," the source added.
A separate government official said it was "difficult to gauge" what confidential information was stolen by the hackers.
In 2009, a similar incident with OPlan 5027 occurred after a South Korean officer used an unsecured USB stick to download it. The Guardian reported at the time the secretive information potentially found its way into "hostile hands" after being accessed by North Korean hackers based in China.
Fast forward to 2017 and tensions are rising between Pyongyang and US President Donald Trump has become increasingly outspoken about military action against the North. "If China is not going to solve North Korea, we will," he warned in an interview with the Financial Times.
At the same time, a report released this week (4 April) by Kaspersky Lab, a cybersecurity firm, produced evidence linking North Korean hackers to a slew of attacks at financial firms across the world, including an unprecedented theft at the Bangladesh Central Bank last year.