North Korean hackers steal F-15 design

Photo credit: GongTo /

North Korean hackers have stolen a trove of documents from South Korean defense firms, including wing designs for the U.S. F-15 fighter jet, authorities in Seoul said on June 13, according to news reports.

The hackers stole over 40,000 documents from South Korean defense firms in a campaign that began in 2014 but was only discovered this year, the Wall Street Journal and Reuters reported. The hacking campaign targeted over 140,000 computers at 160 South Korean firms and government agencies, Reuters reported.

Boeing makes the F-15, which is flown by the South Korean military.

The alleged cyberattack on South Korean firms is the latest in a series of bold cyber maneuvers linked to North Korea. The reclusive dictatorship in Pyongyang has allegedly used cyberspace to try to claw back money and influence from an international system from which it is increasingly isolated.

News reports quoted South Korean police as saying the detected intrusions were preparation for a much larger cyberattack on South Korean assets.

"The North has, time and again, proved its willingness to trample on the norms of state behavior and this latest alleged attack in cyberspace is in keeping with that pattern," Rep. Jim Langevin (D-R.I) said in a statement to FCW. "If, as has been reported, the DPRK was planning on launching a cyber attack from these compromised computers, the community of nations must respond forcefully."

Security firm Symantec has linked the hackers who stole $81 million from a bank in Bangladesh in February to the 2014 hack of Sony Pictures Entertainment. The Obama administration blamed North Korea for the late-2014 Sony Picture hack and leveled sanctions on North Korea officials in retaliation. 

North Korea is "capable of conducting damaging and disruptive cyberattacks during peacetime," according to a December 2015 report from the Center for Strategic and International Studies. In wartime, the North Korean regime would shift to targeting the command and control networks of the South Korean and American militaries, the report predicted.

Tony Cole, global government CTO at FireEye Inc., said cyberattacks on South Korean infrastructure have tended to be just sophisticated enough to achieve their intent.

"If you're an attacker and don't have to expose your best tools and processes to compromise an enterprise, why wouldn't you save them for future targets that may be harder to crack?" Cole told FCW.

About the Author

Sean Lyngaas is a former FCW staff writer.


  • Defense
    Soldiers from the Old Guard test the second iteration of the Integrated Visual Augmentation System (IVAS) capability set during an exercise at Fort Belvoir, VA in Fall 2019. Photo by Courtney Bacon

    IVAS and the future of defense acquisition

    The Army’s Integrated Visual Augmentation System has been in the works for years, but the potentially multibillion deal could mark a paradigm shift in how the Defense Department buys and leverages technology.

  • Cybersecurity
    Deputy Secretary of Homeland Security Alejandro Mayorkas  (U.S. Coast Guard photo by Petty Officer 3rd Class Lora Ratliff)

    Mayorkas announces cyber 'sprints' on ransomware, ICS, workforce

    The Homeland Security secretary announced a series of focused efforts to address issues around ransomware, critical infrastructure and the agency's workforce that will all be launched in the coming weeks.

Stay Connected