Did you see the news headlines that North Korean hackers may have stolen U.S. war plans to defend South Korea?
The South Korean military is currently investigating the cyber attack. The plans are said to include an outline of Seoul’s and Washington’s strategy in the event of war on the Korean Peninsula.
This document included details of military operations involving South Korean and U.S. troops should North Korea conduct a pre-emptive strike or attempt to invade South Korea. The 11-page document was used to brief military and government leaders on the joint U.S. and South Korean military plans.
One source stated that the document included details about the 700,000 U.S. troops that would be used in the event of a full-scale war. It is also thought to include a list of targets in North Korea.
The highly sensitive documents appear to have been stolen last month. An unsecured and possibly compromised USB thumb drive was used to copy the document, and that is believed to have been the means of cyber compromise.
Sources close to the event say that the system's security software should have issued a warning message when an external memory device was inserted into a military computer, but hackers may have been able to steal the military secrets because a military officer neglected these warning messages and broke regulations.
It was reported that the military officer working at the ROK-U.S. Combined Forces Command was disciplined for mishandling the highly-classified military data. People remain the weakest link in cyber security.
FACT: The plan was titled OPLAN 5029.
FACT: The U.S. has 28,500 troops based in South Korea.









14 comments
OPLANS are just notional. They get thrown out as soon as the $*** hits the fan.
At least we hope they are just notional! Anyway, I agree that while the plans are probably what any armchair general would propose (targets, purpose, approach, etc.), it is another example of how security in the digital age needs to start with a complete commitment from the individuals responsible for its security. I know that we all make mistakes, but it seems to me that with the UK's issues of laptops, and our past issues with cyber security would make this an issue that is at the forefront of security personnel on a daily basis. I wonder what effect the new Cyber czar (H. Schmidt) will have on this emphasis. Particularly that he believes the greatest issues are "encryption, strong authentication, and secure software development." Maybe he needs to add the human element into that summary!
I just asked several people about the "Cyber Czar" and this issue. The answer was loud and clear. THE CYBER CZAR has little if any direct influence over the Military (AKA DoD). That was the overwhelming response.
Thanks so much Kevin on your reporting and follow-up on these issues! I'm curious, does the DoD have centralized leadership on cyber security for the dept., or is it more decentralized toward the departments/branches?
Dave, are you talking about U.S. or South Korean DoD?
I think this story illustrates one of the biggest challenges facing cyber security efforts. You can design and implement the best security regimen in the world but if people act recklessly they put the information and systems being used at risk.
On people acting recklessly or with alternative motives. Most of security issues come from inside, not outside the net. With the recent Fort Hood shootings in mind, what if Hasan worked in DOD IT? What if he had access to secure documents or sensitive data and decided to hand that info over to insurgents instead of going on a shooting spree?
That is a very very interesting point. I think a position paper on this might be in order!
This is at least the 2nd time the OPLAN was compromised. In 1999, some puke in Seoul left it sitting in a subway on a disk – DPRK agents following him picked it up. DPRK used to bomb us with propaganda leaflets showing us that they knew about 5027-98 (the current version when I was there).
PrivateCitizen: I was a Scout PL in the ROK and part of the OPLAN. While the plan for the 2nd 24 hours might be notional, the planned unit locations for the 1st 24 hours are decidedly not notional. Compromise of the OPLAN is a big deal because it provides target locations for their RAGs and DAGs. Of course, with our reduced presence in ROK (and presumably reduced role in any war, specifically counter-battery role), maybe compromise won't matter that much after all. They already know where the cities and airfields are… it's the MLRS, ATACMS, and other batteries whose locations they need. If those units aren't playing anymore (and I have no idea whether they are or not) then the OPLAN doesn't do them as much good.
Still, losing the OPLAN at least twice in 10 years is amazingly bad OpSec.
Our DOD banned USB devices exactly because of a similar breach, yet we don’t insist our closest allies take similar precautions. Sad isn’t it.
Great, the laptops being stolen and now this. Now y'all know why we didn't want the F22 to be sold overseas as is.
Heck, our enemies don't have to steal anything from us. We give it to our allies who they then steal it from. Depressing.
SEAN: Gee thanks for setting me straight, Sean. If you read what I wrote, you should notice that my comment is predicated on "Deceiving the Human Eye", and not which toys your enemy has to use. Your statement about Ebay tells me everything I need to know about your combat experience. You read too many books by "other" "experts" and playing war games on your X-Box does not make you a veteran. Anyone who has ever been in the "shiat" will tell you that the most obvious way to gain new equipment is to take it from some dead G.I.s!!! Not frukin Ebay! When I was in V.N., charlie wore black and did pretty well with it. Every snoop and poop outfit in the world wears black camo at night. In V.N. the VC would ambush a unit and take all of their gear
SEAN… Part of my post was lost in transmission… I said, "In V.N. Charlie would ambush a unit and take their equipment. They would then use their captured M-16s in a fire fight, especially during a night probe of a firebase; we would hear the sound of M-16s and think they were friendlies until it was too late. Fancy toys are only good if just one side has them and there is a constant supply of batteries and it doesn't rain or get too cold. Finally, One Willy Peter round will kick hell out of your night vision toys and maybe blind someone using it!!!!"
I am not trying to be provocative but I must be honest, from what I can see in the pictures the "new" Army Camo looks like a well used painter's throw rag. It seems that the Army and the Air Force are like women in that they must have a new dress for every occasion.