A hack of as yet unknown proportions of the Defense Ministry's Internet and Intranet servers in August has been traced to an IP address in Shenyang, China.

Shenyang is near the border with North Korea and one of the key operation points for North Korean hackers. "The malware used in the latest cyberattack is similar or identical to the one North Korean hackers used before," a military officer said Tuesday.

The malware compromised the Defense Integrated Data Center, where all South Korean defense information is stored. It was set up in February last year as a hub for all military IT services, including the websites and Intranet servers of all armed forces branches, integrating scores of nationwide military computer systems.

Some 2,500 military computers with Internet access and about 700 computers connected to the Intranet were compromised by the malware, according to ministry data released to Minjoo Party lawmaker Kim Jin-pyo.

In the process, the computers of Defense Minister Han Min-goo and his staff were also compromised. That may have given the hackers access to intelligence from Defense Security Command and from the Defense Acquisition Program Administration.

But military authorities have tried to keep the extent of the leakage under wraps, firmly slamming the stable doors shut after the horse has bolted.

But a ministry source said "top secret intelligence" related to military operations is exchanged through an integrated network for the command, control and communication. "Fortunately, this network wasn't compromised." He added "not much" sensitive military information is passed through the Intranet, which is used "chiefly as an administrative tool."

The officer said the military only recently discovered that the Intranet had been hacked, "although we can't talk about any details." "We've been in the dark for about three months," he added.

The military was apparently only paying attention to protecting the Internet network from cyberattacks and was thus caught unawares.