Assembly was hacked, says NIS

Lax cybersecurity at the National Assembly came under fire on Wednesday, after the country’s main spy agency said North Korea had successfully hacked computers and email accounts used by some lawmakers and aides.

The National Intelligence Service (NIS) said on Tuesday that North Korea made numerous hacking attempts from Aug. 15 until President Park Geun-hye’s visit to China in early September to infiltrate networks of the presidential office, the ministries of national defense, foreign affairs and unification, and the National Assembly.

While the Blue House was protected, the North managed to obtain some documents from the defense, foreign affairs and unification ministries, the NIS said.

Its greatest success was hacking of the legislature. Computers and email accounts of three lawmakers of the ruling Saenuri Party and 10 aides of lawmakers both from the ruling and opposition parties were hacked, the NIS said during an audit by the National Intelligence Committee of the National Assembly.

According to the NIS, the computers of Rep. Na Kyung-won, chairwoman of the Foreign and Unification Committee, and Rep. Kil Jeong-woo, a former member of the foreign committee who is currently serving in the commerce and trade committee, were hacked. Another lawmaker on the National Defense Committee, who was a former military general, was also hacked, the NIS said.

“The data leaked through the hacking was mainly information the lawmakers received from the government for the audits,” the NIS said. “Our investigation is still ongoing, and the North also targeted lawmakers on the Intelligence Committee.

“It appeared that the North targeted lawmakers well-informed about foreign and security affairs because it wanted to know our strategy with China,” the NIS said, citing evidence that the hacking attempts were concentrated from August to early September. Park visited China from Sept. 2 to 4 to attend a Victory Day commemoration event in Beijing on Sept. 3.

The NIS said it had informed the National Assembly Secretariat about the hacking and leaks.

The National Assembly, however, reacted dubiously. All three ruling party lawmakers whom the NIS said were hacked by the North said Wednesday that the secretariat did not inform them of anything.

An official handling the legislature’s network security said that the NIS never formally informed the National Assembly about the hacking. However, he refused to say if there was unofficial notice.

The National Assembly Secretariat issued a press release and said the legislature had previously upgraded its cybersecurity through a network separation project. “The National Assembly’s information system and operations network were never hacked,” it said.

According to the legislature, its Intranet, which gives access to the National Assembly’s own information system, is separated from the Internet network used for accessing outside sites and personal email accounts. No hacking took place on the National Assembly’s Intranet, the legislature said.

The legislature’s lax sense of cybersecurity, however, drew criticism.

“Even if we separated the Intranet from the Internet, a hacker can still infiltrate,” said a cybersecurity expert from an international company who spoke on the condition of anonymity.

“The National Assembly’s network security is extremely lax,” said Rep. Kil, a victim of the North’s hacking. “If I were a North Korean hacking team, I would make it a target.”

Saenuri Chairman Kim Moo-sung also complained about the poor security measures of the legislature. “My email account has been hacked frequently, so I have to change my password every now and then,” he said.

The National Assembly is operating an independent network security system not covered by the cybersecurity umbrella provided by the government, including the NIS. Although the intention is to maintain its independence from the government, weak cybersecurity has become an issue.

The National Assembly Secretariat commissions a private security company to protect its network systems. The security system is operated completely independently, a computer network official of the legislature said.

National Assembly members, including lawmakers, also have a poor sense of cyber security and often violate necessary measures, leaving the system even more vulnerable to hacking.

Many lawmakers share their IDs and passwords of National Assembly email accounts with their aides. Computers connected to the Intranet and Internet in the lawmakers’ offices are often shared by many aides.

BY NAMGUNG WOOK, SER MYO-JA [ser.myoja@joongang.co.kr]