North Korean hackers steal F-15 design

Photo credit: GongTo /

North Korean hackers have stolen a trove of documents from South Korean defense firms, including wing designs for the U.S. F-15 fighter jet, authorities in Seoul said on June 13, according to news reports.

The hackers stole over 40,000 documents from South Korean defense firms in a campaign that began in 2014 but was only discovered this year, the Wall Street Journal and Reuters reported. The hacking campaign targeted over 140,000 computers at 160 South Korean firms and government agencies, Reuters reported.

Boeing makes the F-15, which is flown by the South Korean military.

The alleged cyberattack on South Korean firms is the latest in a series of bold cyber maneuvers linked to North Korea. The reclusive dictatorship in Pyongyang has allegedly used cyberspace to try to claw back money and influence from an international system from which it is increasingly isolated.

News reports quoted South Korean police as saying the detected intrusions were preparation for a much larger cyberattack on South Korean assets.

"The North has, time and again, proved its willingness to trample on the norms of state behavior and this latest alleged attack in cyberspace is in keeping with that pattern," Rep. Jim Langevin (D-R.I) said in a statement to FCW. "If, as has been reported, the DPRK was planning on launching a cyber attack from these compromised computers, the community of nations must respond forcefully."

Security firm Symantec has linked the hackers who stole $81 million from a bank in Bangladesh in February to the 2014 hack of Sony Pictures Entertainment. The Obama administration blamed North Korea for the late-2014 Sony Picture hack and leveled sanctions on North Korea officials in retaliation. 

North Korea is "capable of conducting damaging and disruptive cyberattacks during peacetime," according to a December 2015 report from the Center for Strategic and International Studies. In wartime, the North Korean regime would shift to targeting the command and control networks of the South Korean and American militaries, the report predicted.

Tony Cole, global government CTO at FireEye Inc., said cyberattacks on South Korean infrastructure have tended to be just sophisticated enough to achieve their intent.

"If you're an attacker and don't have to expose your best tools and processes to compromise an enterprise, why wouldn't you save them for future targets that may be harder to crack?" Cole told FCW.

About the Author

Sean Lyngaas is a former FCW staff writer.


  • Elections
    voting security

    'Unprecedented' challenges to safe, secure 2020 vote

    Our election infrastructure is bending under the stress of multiple crises. Administrators say they are doing all they can to ensure it doesn't break.

  • FCW Perspectives
    zero trust network

    Can government get to zero trust?

    Today's hybrid infrastructures and highly mobile workforces need the protection zero trust security can provide. Too bad there are obstacles at almost every turn.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.