South Korean police announced today, Sunday, that hackers from North Korea attempted to breach accounts of South Koreans involved in joint military exercises set to begin on Monday between Seoul and Washington.

The Gyeonggi Nambu Police Agency stated in a release that hackers suspected to be affiliated with the North Korean group "Kimsuki" launched "malicious email attacks" against South Korean employees working at the war simulation center of Seoul and Washington.

South Korea and the United States will start the "Freedom Shield" exercises on Monday, which are joint military drills scheduled to run until August 31 and aim to address increasing threats from North Korea.

According to the statement, "police investigations confirm that a group of North Korean hackers is responsible for the attack." The statement confirmed that the attack did not result in the theft of any military data.

The statement pointed out that an investigation conducted by South Korean police in collaboration with the U.S. military was able to trace the Internet Protocol (IP) address used by the hackers and match it to the IP address identified in 2014 during the hacking of a nuclear reactor operator in South Korea. At that time, the cyber attack on the nuclear reactor operator was attributed to "Kimsuki."

"Kimsuki" is a group of hackers that uses phishing techniques in their attacks, sending emails that initially appear harmless but contain malicious attachments that allow intruders to steal data from their victims.

Also, in 2020, the U.S. Cybersecurity and Infrastructure Security Agency indicated that "the Kimsuki group may have been tasked by the North Korean regime with global intelligence missions."