Seoul Metro was hacked in 2014 by PyongyangServers of a subway operator in Seoul were found to have been hacked last year, probably by North Korea’s spy agency.
Nearly 300 computers of the company were compromised, but the subway lines’ operations and signaling systems remained untouched because they are on a separate server.
Seoul Metro, the operator of subway lines 1 to 4 in Seoul, said Monday that it found its servers for office computers and its online magazine were hacked in July 2014. The subway operator said the hacking did not undermine the safety of passengers.
“The operation system and office computers have their own servers with no connection inbetween,” said Seoul Metro President Lee Jung-won.
“The Ministry of Land, Infrastructure and Transport, which investigated the servers, also concluded that the servers are completely isolated so the hacking had nothing to do with the safety of passengers.”
The National Intelligence Service (NIS), the country’s top spy agency, investigated in September 2014 and found that 213 computers were targeted by unauthorized users, 58 others were infected by malicious codes, two servers were taken over by hackers and 12 documents were leaked.
The NIS looked into server logs from March to August 2014 but could not specify who the hackers were. But given the hackers used Advanced Persistent Threat (APT), which was used to hack broadcasting companies and financial institutes in March 2013, the NIS suspected cyber terrorism by the North.
Seoul Metro said Monday the hacking didn’t have huge impact on the company.
“It didn’t affect the operation systems and the documents were relatively unimportant,” said Kwon Ji-won, an official of Seoul Metro. “To prevent similar cases, we are planning to separate Internet from intranet for office computers.”
Seoul Metro formatted all 4,240 office computers and established safety arrangements this year.
Also, the subway operator carried out training sessions to guard against malicious code, set up a new intelligence security team and recruited intelligence technology experts from outside. South Korea has seen increasing number of cyber-attacks in recent years. The figure rose from 184,578 in 2013 to 370,713 in 2014, and 350,188 as of September this year.
BY KIM BONG-MOON [firstname.lastname@example.org]