South Korean Supreme Court Admits North Korean Hacking Breach

The Supreme Court belatedly issued an apology after at least 26 documents containing personal information were leaked due to hacking suspected to be carried out by North Korea.

According to the Supreme Court on the 5th, the Court Administration Office announced through a notice on its website the previous day that an attack, suspected to be related to North Korea, had intruded into the judiciary’s computer network using advanced hacking techniques.

The court, expressing its deep apology, stated, “As the judiciary, we cannot hide our embarrassment at the seriousness of the matter,” and “We bow our heads in apology for causing great concern to the public, including internal and external users of the court, due to this incident of the judiciary’s computer network intrusion.”

It added, “We have taken necessary measures, such as personal information protection measures, immediately according to the results of the in-depth investigation, and we plan to take swift follow-up measures as additional facts are confirmed.”

According to the Court Administration Office, the court took necessary security measures to prevent additional damages along with its own investigation of the matter after detecting attempts to intrude into the judiciary’s computer network from outside in February last year. However, despite a long investigation, it was difficult to grasp the whole picture of the incident due to technical limitations, so an in-depth investigation was conducted with external security experts on December 18 last year.

As a result, it was discovered that there had been an intrusion into the judiciary’s computer network since January 2021. The attack techniques match those used by Lazarus, and the police and the National Intelligence Service practically concluded that it was Lazarus’s work based on this.

Hackers are suspected to have identified vulnerabilities in the court’s virtual PCs and servers, infiltrated the internal computer network, and extracted a considerable amount of computer data. It was found that 26 documents, including personal rehabilitation and rehabilitation initiation applications, resident registration copies, and local tax certificates, were included among the files where the leakage was attempted.

Taking this intrusion incident as an opportunity, the court emphasized that it will embark on comprehensive measures to enhance security capabilities, including rechecking the judiciary’s computer network and reorganizing the responsible agencies to prevent recurrence.

This is the first time the judiciary’s computer network has been infiltrated. The Court Administration Office was found to have first detected a hacking attempt in February last year and wrote an internal report in the name of the Computer Information Management Bureau in April of that year. It hid this fact from the outside, partially admitted it after a media report in November last year, and belatedly apologized this time.

At the time, regarding the leakage of litigation documents, the court only announced that “it was not confirmed” but belatedly acknowledged the possibility of some litigation document leaks.