Cybersecurity News that Matters

Cybersecurity News that Matters

South Korean police investigate alleged North Korean cyberattack on Supreme Court

by Kuksung Nam

Feb. 21, 2024
12:10 PM GMT+9

South Korea’s Supreme Court is currently under investigation by the country’s law enforcement officials, who are investigating an alleged cyberattack. The attack, purportedly orchestrated by a North Korean state-sponsored hacking group, targeted the judicial branch’s computer network last year.

The Korean National Police Agency stated on Wednesday that they are seizing servers at the Supreme Court’s Judicial Information Technology Center. “We are investigating the IT center to identify the attackers and their methods,” a Cyber Terror Response Division official told The Readable. The official mentioned that the operation began on February 13 but refrained from disclosing more details, citing the ongoing nature of the investigation.

The investigation follows the top court’s disclosure last December that its computer network had been compromised by a cyberattack. This revelation came amid accusations that the Lazarus group, a notorious entity operating under the North Korean government, had penetrated the system from 2022 to early 2023. It’s believed that they may have compromised, at most, hundreds of gigabytes of data.

The National Court Administration, associated with the Supreme Court, stated that in February 2023, they detected and promptly removed a malicious code. They identified the malware as “Lazadoor,” a term coined by a South Korean cybersecurity firm that analyzed the case upon request from the affiliated organization.

In addition to identifying the malicious code, the administrative organization acknowledged the impossibility of determining the extent and characteristics of a potential data breach, including sensitive information like names, addresses, and phone numbers. They committed to conducting a comprehensive investigation in collaboration with relevant authorities and promised to inform the public of their findings in a subsequent announcement.

“A report from the cybersecurity firm identified the malware as ‘Lazadoor,’ one of the malicious codes developed by the Lazarus group,” stated a spokesperson from the National Court Administration. The spokesperson refrained from providing further details, other than mentioning their collaboration with South Korea’s intelligence agency and police for an in-depth investigation.

Subscription

Subscribe to our newsletter for the latest insights and trends. Tailor your subscription to fit your interests:

By subscribing, you agree to our Privacy Policy. We respect your privacy and are committed to protecting your personal data. Your email address will only be used to send you the information you have requested, and you can unsubscribe at any time through the link provided in our emails.

  • Kuksung Nam
    : Author

    Kuksung Nam is a journalist for The Readable. She has extensively traversed the globe to cover the latest stories on the cyber threat landscape and has been producing in-depth stories on security and...

    View all posts
Stay Ahead with The Readable's Cybersecurity Insights