North Korean Hackers Target U.S.-South Korea Military Drills

SEOUL (Reuters) – Suspected North Korean hackers have targeted a joint U.S.-South Korea military exercise being held this week, though classified information has not been compromised, South Korean police said on Sunday.

South Korean and U.S. forces will on Monday begin 11-day Ulchi Freedom Guardian summer exercises to improve their ability to respond to North Korea’s evolving nuclear and missile threats.

North Korea objects to such exercises, saying they are preparations by the U.S. and its South Korean ally for an invasion of it.

The hackers were believed to be linked to a North Korean group that researchers call Kimsuky, and they carried out their hack via emails to South Korean contractors working at the South Korea-U.S. combined exercise war simulation center, the Gyeonggi Nambu Provincial Police Agency said in a statement.

“It was confirmed that military-related information was not stolen,” police said in a statement on Sunday.

North Korea has previously denied any role in cyberattacks.

The Kimsuky hackers have long used “spear-phishing” emails that trick targets into giving up passwords or clicking attachments or links that load malware, according to researchers.

South Korean police and the U.S. military conducted a joint investigation and found the IP address used in the hacking attempt matched one identified in a 2014 hack against South Korea’s nuclear reactor operator, police said.

At that time, South Korea accused North Korea of being behind that cyberattack.