When It Comes To Cyberwarfare, North Korea Is No Newbie | WAMU 88.5 - American University Radio

NPR : News

When It Comes To Cyberwarfare, North Korea Is No Newbie

Who or what caused a takedown of computer systems at banks and broadcasters in South Korea on Wednesday is still a matter of speculation, but suspicion immediately and unsurprisingly fell on Seoul's archenemy to the north.

If true, it wouldn't be the first time that North Korea, often regarded as technologically backward, has successfully wielded the computer as weapon.

Computer antivirus maker McAfee says Pyongyang was behind two major denial of service (DDos) attacks in recent years — one in 2011 that was directed at South Korean government and banking websites, and another in 2009 that brought down U.S. government Internet sites. Pyongyang has denied involvement in either attack.

(And, as recently as last week, North Korea has also blamed the South for similar attacks.)

"It's got to be a hacking attack," Lim Jong-in, dean of Korea University's Graduate School of Information Security, was quoted by The Associated Press as saying of Wednesday's computer problems. "Such simultaneous shutdowns cannot be caused by technical glitches."

As AsianCorrespondent.com points out, Pyongyang has become something of a cyber-scapegoat in South Korea, leading to skepticism when companies point fingers northward for tech troubles. Even so, on Wednesday, the problems were "so wide-ranging ... that many feel, and fear, that the North is upping their game in the peninsula's cyberwar."

It might also seem a little too coincidental that Pyongyang threatened last year to attack several companies, including two that were hit by computer outages — broadcasters KBS and MBC.

Wednesday's attack, if indeed it was one, looks more sophisticated than a DDos attack, which as we've reported in the past, can be relatively simple to pull off.

An unnamed official from the state-run Korea Communications Commission, South Korea's telecom regulator, told the AP that in Wednesday's alleged attack, investigators speculate malicious code was spread from company servers that send automatic updates of security software and virus patches.

Korean broadcasters KBS and MBC said their computers went down at 2 p.m. "[and] ... were still down about seven hours after the shutdown began," the Associated Press reported, citing the Korea Communications Commission.

KBS employees said they watched helplessly as files stored on their computers began disappearing. According to the AP:

"Orchestrating the mass shutdown of the networks of major companies would have taken at least one to six months of planning and coordination, said Kwon Seok-chul, chief executive officer of Seoul-based cybersecurity firm Cuvepia Inc.

"Kwon, who analyzed personal computers at one of the three broadcasters shut down Wednesday, said he hasn't yet seen signs that the malware was distributed by North Korea.

" 'But hackers left indications in computer files that mean this could be the first of many attacks,' he said.

"Lim [Jong-in] said tracking the source of the outage would take months."

In March, U.S. Army Gen. James Thurman told the House Armed Services Committee that "North Korea employs sophisticated computer hackers trained to launch cyber infiltration and cyberattacks."

"Such attacks are ideal for North Korea" because they can be done anonymously, and they "have been increasingly employed against a variety of targets including military, governmental, educational and commercial institutions," Thurman said, according to Bloomberg. At that time, he didn't characterize North Korea's cyber capabilities as "significant."

A few months later, Lee Dong-hoon, a South Korean professor of information security, warned that North Korea's cyber capabilities were behind only those of the United States and Russia.

Seoul believes North Korea runs an Internet warfare unit aimed at hacking U.S. and South Korean government and military networks to gather information and disrupt service. And Daily NK, a website that tracks North Korea, says Pyongyang is believed to have been honing its capabilities since as far back as the mid-1980s.

According to Infosec Island, a cybersecurity blog, one attack in 2009 was instigated by the Reconnaissance General Bureau, a spy branch of the North Korean military. The bureau sold dozens of copies of infected computer games to someone in China who in turn resold the games in South Korea to operators of online games. The virus transformed users' machines into zombies for the purpose of launching DDos attacks against Seoul's Incheon International Airport.

Copyright 2013 NPR. To see more, visit http://www.npr.org/.

WAMU 88.5

Art Beat With Lauren Landau, July 28

You can see two solo exhibits featuring work that speaks in metaphor.
NPR

Rust Devastates Guatemala's Prime Coffee Crop And Its Farmers

Central American coffee farmers are facing off against a deadly fungus that has wiped out thousands of acres of crops. Coffee companies like Starbucks are pooling money to support them in the fight.
NPR

When Did Companies Become People? Excavating The Legal Evolution

The Supreme Court has been granting more rights to corporations, including some regarded as those solely for individuals. But Nina Totenberg finds the company-to-person shift has a long history.
NPR

What It's Like To Own Your Very Own Harrier Jump Jet

The Harrier Jump Jet is known for vertical take-offs and landings. It also has an accident-prone track record, but that didn't dissuade one pilot from buying his dream plane.

Leave a Comment

Help keep the conversation civil. Please refer to our Terms of Use and Code of Conduct before posting your comments.