A recent attack paralyzing the computer system of Nonghyup Bank has raised fears about North Korea’s cyber terrorism capabilities, especially following the past North Korean DDoS attacks on July 7, 2009, and March 4, 2011.
Although the two previous DDoS attacks only resulted in confusion for users of major governmental websites, the Nonghyup attack has shocked analysts due to the real damage it has caused to the financial property of individual South Koreans.
According to experts, since North Korean authorities have been developing the nation’s cyber terrorism capabilities by training professional hackers since the mid-1980s, it is possible and even likely that indiscriminate cyber attacks, which could cause more serious damage, may be launched in order to cause chaos in South Korean society. The reason for this is because the Internet is a much easier tool of attack to use than other tools of attack.
According to direct instructions handed down by Kim Jong Il in 1998, for each base of the People’s Army, military authorities have implemented high-tech information and computer education. After the Kosovo war, Kim Jong Il reportedly commented that, “The war of the 20th century was a war of oil and bullets, but the war of the 21st century is one of intelligence.”
In order to develop North Korea’s cyber terrorism capabilities and hacking technology through the cultivation of professional hackers, Mirim College, which changed its name to Kim Il Political Military University in 2000 and is known as a “secret college,” was founded in 1986.
This college, affiliated with the Ministry of the People's Armed Forces, educates some 100 world-class hackers every year and appoints them as military officials to hacking units under the General Bureau of Reconnaissance of the Ministry of the People's Armed Forces.
The South Korean National Intelligence Service stated on May 3rd that the main culprit behind the Nonghyup computer system attack was the General Bureau of Reconnaissance, which was also behind the Cheonan shinking in March and the Yeonpyeong Island shelling in November 2010. The General Bureau of Reconnaissance was formed through the merger of the Operation Department in charge of the infiltration and assistance of spy escorts, the No. 35 Department in charge of collecting information on South Korea and other countries, and the Bureau of Reconnaissance of the Ministry of the People's Armed Forces in February 2009.
Agents of the 121 Office, a cyber terrorism unit under the General Bureau of Reconnaissance, possess world-class hacking ability. South Korea’s intelligence authorities also confirm that there are around 1,000 cyber warriors in the General Bureau of Reconnaissance and that bases have been set up in several locations in China to carry out hacking operations.
Additionally, it has been reported that North Korean hackers have been recorded approaching the websites of the U.S. CIA and Department of State in recent years.
Im Chae Ho, Vice President of the KAIST Cyber Security Research Center, told The Daily NK, “North Korea’s hackers apparently have ten times the strike capability of South Korea’s. North Korea is, furthermore, currently at a stage where it can directly attack South Korea's infrastructure through the use of cyber terrorism.”
Experts explained that hackers working in perfect cooperation and being led by a coherent command system are much more dangerous than individual hackers and that North Korea’s hackers carry out operations from China and other third countries, which also adds to difficulties in uncovering their activities.
An expert on IT security pointed out, “North Korea’s ability is no less than that of China or Iran, which are both powerful nations when it comes to waging cyber war.”