When fears crop up about North Korea, the threats posed by the nation’s nuclear capabilities invariably come to mind, but the nation’s cyberattack capabilities
are an increasing cause for concern.
The Korea Institute of Liberal Democracy
[KILD] recently hosted a seminar entitled “Diagnosis and Solutions on
Cyberspace and National Threat” in Seoul to delve deeper into the isolated
country’s hacking technology and its implications for the South. Park
Chun Shik, former head of National Security Research Institute; Yoo Sung Ok,
head of Institute for National Security Strategy; and Yoo Dong Yul, head of the
KILD , were among the prominent figures in the field shedding light on these
issues at the event.
The panel stated that since 2000, North Korea has waged cyber
attacks on the South Korean government, banking, and media sites, including the
Ministry of Foreign Affairs, the Korea Atomic Energy Research Institute, the Korea
Testing Laboratory, and the JoongAng Ilbo–one of the three largest newspapers
in South Korea.
In 2013, KBS, MBC, YTN also joined the list of South Korean networks North Korea successfully hacked in the nascent history of its cyberattacks. On one particularly
notorious occasion, and a source of deep embarrassment for South Korea, was the
appearance of “Long live the Unification President, Kim Jong Eun,”
sprawled across the Cheongwadae’s splash page.
The following year, North Korea hacked
South Korea’s Hydro & Nuclear Power Company and Agency for Defense
Development (ADD). The cyberattack on ADD led to the leakage of hundreds of
documents categorized as either second or third-degree classified military
information. The hackings were highly organized and scrupulously planned,
leaving no doubt that they were orchestrated on a state level, the event’s speakers asserted.
Another method frequently employed by the
North is the development of cheap computer game programs, in which North Korea
embeds malicious codes in the software and sells them to South Korean game operators, thereby disseminating
the virus while simultaneously raking in foreign currency.
The experts at the seminar explained that North Korean agents and pro-North Korean
activists are using foreign servers and email accounts to evade South Korea’s
national security agencies. It is difficult for the South Korean government to
ask these foreign server companies to cooperate with its investigation on users
who are suspected of hacking other websites. Issuing a search warrant would be
ineffective, as foreign companies are not always subject to South Korean
laws.
One of the primary reasons North Korea has
consistently poured time and resources into launching these cyberattacks on
South Korea is simply that the cyber infrastructure in the latter is highly
developed. As of July 2014, more than 91% of South Koreas population used the
Internet [including mobile device users], which boasts speeds of 25.3Mbps–5.6
times the world average.
In addition, for the North Korean
authorities, cyberattacks are deemed a highly efficient way to do damage at a
relatively low cost. Prior to the advent of the Internet, North Korea had to
physically dispatch agents to the South to obtain information; now, on the
other hand, the North can swiftly and anonymously attain extensive amounts of
invaluable information online.
In fact, North Korea places
cyberwarfare among the its top three types of warfare (the others being nuclear
and armaments) and is estimated to have approximately 6,000 hacking agents. Kim
Jong Il even underscored the gravity of cyberwarfare to his ranking officials,
declaring, “The 21st century warfare will be information warfare. The
information about the enemy’s military technology and command will determine
who wins or loses a war.”
Yoo proposed possible methods to counter
North Korea’s cyberattacks, namely the passing of a comprehensive national
cyber security law, which would encapsulate the specific roles of each government
department and outline punishments for perpetrators of cyber threats. “The
current National Security Act of South Korea, which prohibits ‘activities
compromising the safety of the state’ is insufficient for preventing national
threats,” Yoo asserted.
“In addition, we need to induce the
international community to cooperate with us,” he stated, adding that the
South Korean government will need to ratify agreements on joint investigations
and a memorandum of understanding with foreign intelligence agencies and Interpol
(International Criminal Police Organization), especially considering how many North
Korean hackers use foreign servers and emails.
“We also need legislation that limits the
foreign server companies’ business activities in South Korea if they refuse to
cooperate with legal investigations,” he concluded.
