Advertisement

IT firms not responsible for North Korea hack, court rules

IT firms not responsible for North Korea hack, court rules
Hackers of North Korean origin infiltrated the database of the South's military in 2016. File Photo by Andrew Wong/UPI | License Photo

Aug. 27 (UPI) -- A South Korean court dismissed a lawsuit filed against local IT firms responsible for the cybersecurity of military networks during a North Korean hacking incident in 2016.

Seoul Central District Court's 16th Civil Division ruled in a first trial on Thursday two private contractors -- a computer network provider and a company that provides antivirus software -- were not at fault for damages that occurred during the 2016 hacking incident, Yonhap and News 1 reported.

Advertisement

In 2016, North Korea launched several cyberattacks against the South's defense ministry that targeted the military's intranet. An Internet Protocol address linked to the attacks was traced to Shenyang, China. North Korea-affiliated hackers were also linked to a large-scale cyberbreach against South Korean corporations that year. The hackers managed to steal diagrams for the basic model of the F-15K fighter jet and drones.

Military prosecutors later found the hackers infiltrated the antivirus software firm and procured a source code. They were then able to penetrate the military's networks and distribute malicious codes, according to Seoul.

RELATED Kim Yo Jong a no-show at North Korea politburo meeting

South Korea's military sued its contractors following the attack and said the companies did not separate the military's network from that of the external Internet.

Advertisement

The military also claimed the antivirus software provider did not detect the hacking and failed to notify the government in a timely manner, News 1 reported Thursday. The $4.2 million suit was first filed in October 2017.

The software provider also "did not take action to block the IP address" of the hacker, Seoul said in its suit.

RELATED U.S. offers to remove Sudan from terror blacklist for $330M

On Thursday, the South Korean court did recognize the hacking occurred because the network provider did not separate external and internal networks. But the court dismissed the case on grounds the firms did fulfill the obligations of their contract and cited "insufficient evidence" of their wrongdoing in the event of the extraordinary attack.

In 2016, North Korea denied any connection to the cyberattacks.

RELATED North Korea's appetite for sugar is strong, data show

Latest Headlines

Advertisement
Advertisement

Follow Us

Advertisement