North Korean hackers steal F-15 design

Photo credit: GongTo /

North Korean hackers have stolen a trove of documents from South Korean defense firms, including wing designs for the U.S. F-15 fighter jet, authorities in Seoul said on June 13, according to news reports.

The hackers stole over 40,000 documents from South Korean defense firms in a campaign that began in 2014 but was only discovered this year, the Wall Street Journal and Reuters reported. The hacking campaign targeted over 140,000 computers at 160 South Korean firms and government agencies, Reuters reported.

Boeing makes the F-15, which is flown by the South Korean military.

The alleged cyberattack on South Korean firms is the latest in a series of bold cyber maneuvers linked to North Korea. The reclusive dictatorship in Pyongyang has allegedly used cyberspace to try to claw back money and influence from an international system from which it is increasingly isolated.

News reports quoted South Korean police as saying the detected intrusions were preparation for a much larger cyberattack on South Korean assets.

"The North has, time and again, proved its willingness to trample on the norms of state behavior and this latest alleged attack in cyberspace is in keeping with that pattern," Rep. Jim Langevin (D-R.I) said in a statement to FCW. "If, as has been reported, the DPRK was planning on launching a cyber attack from these compromised computers, the community of nations must respond forcefully."

Security firm Symantec has linked the hackers who stole $81 million from a bank in Bangladesh in February to the 2014 hack of Sony Pictures Entertainment. The Obama administration blamed North Korea for the late-2014 Sony Picture hack and leveled sanctions on North Korea officials in retaliation. 

North Korea is "capable of conducting damaging and disruptive cyberattacks during peacetime," according to a December 2015 report from the Center for Strategic and International Studies. In wartime, the North Korean regime would shift to targeting the command and control networks of the South Korean and American militaries, the report predicted.

Tony Cole, global government CTO at FireEye Inc., said cyberattacks on South Korean infrastructure have tended to be just sophisticated enough to achieve their intent.

"If you're an attacker and don't have to expose your best tools and processes to compromise an enterprise, why wouldn't you save them for future targets that may be harder to crack?" Cole told FCW.

About the Author

Sean Lyngaas is a former FCW staff writer.


  • Cybersecurity
    CISA chief Chris Krebs disusses the future of the agency at Auburn University Aug. 22 2019

    Shared services and the future of CISA

    Chris Krebs, the head of the Cybersecurity and Infrastructure Security Agency at DHS, said that many federal agencies will be outsourcing cyber to a shared service provider in the future.

  • Telecom
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA softens line on looming EIS due date

    Think of the September deadline for agencies to award contracts under the General Services Administration's $50-billion telecommunications contract as a "yellow light," said GSA's telecom services director.

  • Defense
    Shutterstock photo id 669226093 By Gorodenkoff

    IC looks to stand up a new enterprise IT program office

    The intelligence community wants to stand up a new program executive office to help develop new IT capabilities.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.