Gov't strengthens security measures after signs of hacking into gov't administration platform

채윤환 / 2025-10-17 14:27:17

govt-hacking

▲ This undated file photo provided by the interior ministry shows its office in Sejong, about 100 kilometers south of Seoul. (PHOTO NOT FOR SALE) (Yonhap)

govt-hacking

Gov't strengthens security measures after signs of hacking into gov't administration platform

SEOUL, Oct. 17 (Yonhap) -- The interior ministry said Friday it has strengthened security measures for online government systems after detecting signs of the government's administration platform being hacked.

The move came two months after Phrack, an online cybersecurity publication, reported in August that South Korean government branches and companies appeared to have been targeted by hackers.

"In mid-July, (we) confirmed signs through the National Intelligence Service (NIS) that an external internet PC accessed the Onnara system via the Government-Virtual Private Network (G-VPN)," the ministry said.

The Onnara system is the government's online work platform, which manages official documents and handles internal workflow.

The ministry said it strengthened security measures in response by requiring officials to go through extra authentication procedures when connecting to G-VPN for remote work.

The ministry said government public key infrastructure (GPKI) certificates of 650 officials were also presumed to have been targeted. GPKI certificates are used by public officials for authentication.

Most of the certificates had been expired, but three that remained valid were scrapped as of Aug. 13.

Officials suspect certificate information was leaked due to user carelessness.

The ministry said it plans to replace the GPKI-based authentication system with a biometric system when public officials access the government's internal administrative system.

Phrack earlier reported that the North Korean hacking group Kimsuky was behind the attack.

Signs of hacking were reportedly detected in the interior and foreign ministries, the military, the prosecution, as well as major companies, including Kakao Corp., Naver Corp., KT Corp. and LG Uplus Corp.

(END)