The North Korean authorities have a group of almost 1000 people dedicated to conducting cyber attacks against targets in South Korea and elsewhere, according to South Korean intelligence.
At a hearing of the National Assembly’s Intelligence Committee attended by Won Se Hoon, the director of the National Intelligence Service (NIS), yesterday, lawmakers Hwang Jin Ha of the Grand National Party and Choi Jae Sung of the Democratic Party asserted that North Korea’s cyber attacking capacity is certainly worth focusing on.
According to NIS, North Korea’s hacking and cyber terror groups number between 700 and 800 persons acting on the orders of the General Bureau of Reconnaissance of the Ministry of the People’s Armed Forces. They have hacking bases in several places in North Korea, and some even operate in China.
Basing his speech on NIS materials, Hwang Jin Ha explained, “We presume that they (the North Korean cyber attack group) gather information and generate social unrest most of the time, while working to paralyze a country’s functions in war time.”
Committee members revealed in a briefing after the hearing that there have been approximately 48,000 North Korean cyber attacks against South Korean targets since January, 2004, and 9,200 during this year alone.
These have included attempts to hack into locations related to the preparatory committee for the G-20 meeting, which is scheduled for November 11-12, ROK-US Combined Forces Command and the computers of lawmakers’ and their aides.
Even though NIS acknowledges that it cannot confirm the source of the attacks, Hwang said that there is a high possibility of North Korean responsibility.
In August this year, Song Young Sun, a member of the National Assembly’s National Defense Committee revealed that there have been 1,763 cases of hacking into South Korean military computers in the last five years.
As Song explained at the time, “North Korea has been cultivating around 600 hackers under the No. 110 Office of the General Bureau of Reconnaissance since 2002. They prepare cyber terror attacks using IPs in the countries in which they reside in Europe or North America.”