South Korea Cyber Command Hacked via "Vaccine Routing Server"

The South Korean Cyber Command center recently suffered a hack due to a vulnerability exploited in a “vaccine routing server” to which around 20,000 military computers were allegedly known to be connected.

While authorities have not blamed North Korea, authorities did point out that no military intranet computers were affected. Officials have also stated that no information is believed to have been stolen, but an investigation is underway to ascertain the identity of the attacker.

“A malicious code has been identified and it seems to have taken advantage of the vulnerability of the routing server,” said Rep. Kim Jin-pyo, a lawmaker of the main opposition Minjoo Party of Korea. “In a cautious measure, the server has been separated from the network.”

The military investigation aims to find out how the malicious code got into the “vaccine routing server,” and to prevent further such intrusions. Since no downtime was reported due to the breach, authorities believe chances are “very low” that confidential military information was leaked.

This is not the first incident in which a South Korean hack targeted military institutions or military contractors. Naval warship builder and defense contractor Hanjin Heavy Industries & Construction Co. suffered a security breach on April 20 that local military counter-intelligence services attributed to North Korea.

Television stations and banks were also believed to have been hacked by the same country in early March, affecting more than 32,000 computers at six organizations.