It has been 13 days since the July 7th problems caused by the Distributed Denial of Service (DDoS) attack which paralyzed key websites in South Korea and the U.S.
The South Korean National Intelligence Service (NIS) asserted at the time that those who backed the attacks were either North Korean or pro-North Korea factions. However, despite such an accusatory assessment, North Korea has not responded in any way.
The NIS claims that the only group with the desire to conduct cyber terror attacks against both South Korea and U.S. key organizations is North Korea, and offered one piece of circumstantial evidences: that North Korea strongly denounced “Cyber Storm,” the June 27 U.S.-South Korea joint training exercise on possible cyber terror.
Suspecting that the act was that of a North Korean hacking organization disguised as a legitimate enterprise located in Shenyang, China, the NIS has been trying to track down the IP address. However, no clear evidence has emerged.
Meanwhile, North Korea’s response has been interesting. Generally, whenever the South Korean government so much as mentions the word "North," North Korea instantly produces a volley of aggressive claims about the possibility of military catastrophe. Pyongyang’s silence in the face of the NIS designation is somewhat unprecedented.
It is particularly exceptional that the North has not used the political offensive launched by the domestic leftist camp in South Korea last week, including the Democratic Party, as a means to foment tension, as it would normally be expected to do.
Therefore, experts suggest that North Korea's silence is ironically amplifying the NIS’s insistence on the North backed the cyber terror.
Ha Tae Kyung, the representative of Open North Korea Radio, stated, "If this were not a North Korean action, then they would probably try to explain the situation. But its silence only increases the probability of guilt."
He went on to explain, "The North may not have prepared subsequent steps of tactics for the period after carrying out the attack."
Another expert, a North Korean defector, suggests that the North Korean authorities have surmised that making an issue out of the cyber terror would do more harm than good because it was just a prelude.
He said, "The North must have considered the fact that if it launched an offensive against the South, then international caution could be triggered, withering its activities in China. Further, Pyongyang must know that while international tough sanctions against it, the subsequent regulation of cyber activities will have a negative influence on the North's future cyber battle."
An expert on security issues said that the North was most likely satisfied with the fact that it caused great disruption in South Korea, determining that it can safely maintain a neither confirm nor deny (NCND) policy. In other words, its intent is to continuously sustain a sense of threat in other countries while avoiding diplomatic responsibility.
The expert noted, "If North Korea did carry out the cyber terror attacks, then it gained experience of disturbing cyber networks and displayed its ability to cause a significant threat to South Korea’s IT-based society. Also, from the North's perspective, by showing the world its standard of hacking, it is able to prove that its cyber warfare capacity is comparable to its military strength. For what reason would it deny this?"
However, there has been much criticism of this viewpoint. In the case of the recent DDoS attacks, the perpetrator(s) mostly attacked South Korean and U.S. sites through zombie PCs, but the sense of threat felt by individuals was not significant, and sites that were targeted by the attacks were competently managed and the attacks contained, so the situation was not considered to be too serious.
Therefore, it has been suggested on the flip side that the North's silence may stem from its dissatisfaction with the results of the most recent attacks.
Presently, the police, the NIS and the South Korea Information Security Agency, as well as individual security agencies have begun to try and identify the IP address of the hackers who conducted the attack. Until the perpetrator of the attack is definitively revealed to be North Korea, Pyongyang will doubtless watch the situation in silence.
Representative of Open Radio for North Korea Ha said regarding North Korea's attitude moving forward, "North Korea has taken the stance of denying any connection with terror, so it is highly unlikely that it would acknowledge its role in these attacks.”