When It Comes To Cyberwarfare, North Korea Is No Newbie | WAMU 88.5 - American University Radio

NPR : News

When It Comes To Cyberwarfare, North Korea Is No Newbie

Who or what caused a takedown of computer systems at banks and broadcasters in South Korea on Wednesday is still a matter of speculation, but suspicion immediately and unsurprisingly fell on Seoul's archenemy to the north.

If true, it wouldn't be the first time that North Korea, often regarded as technologically backward, has successfully wielded the computer as weapon.

Computer antivirus maker McAfee says Pyongyang was behind two major denial of service (DDos) attacks in recent years — one in 2011 that was directed at South Korean government and banking websites, and another in 2009 that brought down U.S. government Internet sites. Pyongyang has denied involvement in either attack.

(And, as recently as last week, North Korea has also blamed the South for similar attacks.)

"It's got to be a hacking attack," Lim Jong-in, dean of Korea University's Graduate School of Information Security, was quoted by The Associated Press as saying of Wednesday's computer problems. "Such simultaneous shutdowns cannot be caused by technical glitches."

As AsianCorrespondent.com points out, Pyongyang has become something of a cyber-scapegoat in South Korea, leading to skepticism when companies point fingers northward for tech troubles. Even so, on Wednesday, the problems were "so wide-ranging ... that many feel, and fear, that the North is upping their game in the peninsula's cyberwar."

It might also seem a little too coincidental that Pyongyang threatened last year to attack several companies, including two that were hit by computer outages — broadcasters KBS and MBC.

Wednesday's attack, if indeed it was one, looks more sophisticated than a DDos attack, which as we've reported in the past, can be relatively simple to pull off.

An unnamed official from the state-run Korea Communications Commission, South Korea's telecom regulator, told the AP that in Wednesday's alleged attack, investigators speculate malicious code was spread from company servers that send automatic updates of security software and virus patches.

Korean broadcasters KBS and MBC said their computers went down at 2 p.m. "[and] ... were still down about seven hours after the shutdown began," the Associated Press reported, citing the Korea Communications Commission.

KBS employees said they watched helplessly as files stored on their computers began disappearing. According to the AP:

"Orchestrating the mass shutdown of the networks of major companies would have taken at least one to six months of planning and coordination, said Kwon Seok-chul, chief executive officer of Seoul-based cybersecurity firm Cuvepia Inc.

"Kwon, who analyzed personal computers at one of the three broadcasters shut down Wednesday, said he hasn't yet seen signs that the malware was distributed by North Korea.

" 'But hackers left indications in computer files that mean this could be the first of many attacks,' he said.

"Lim [Jong-in] said tracking the source of the outage would take months."

In March, U.S. Army Gen. James Thurman told the House Armed Services Committee that "North Korea employs sophisticated computer hackers trained to launch cyber infiltration and cyberattacks."

"Such attacks are ideal for North Korea" because they can be done anonymously, and they "have been increasingly employed against a variety of targets including military, governmental, educational and commercial institutions," Thurman said, according to Bloomberg. At that time, he didn't characterize North Korea's cyber capabilities as "significant."

A few months later, Lee Dong-hoon, a South Korean professor of information security, warned that North Korea's cyber capabilities were behind only those of the United States and Russia.

Seoul believes North Korea runs an Internet warfare unit aimed at hacking U.S. and South Korean government and military networks to gather information and disrupt service. And Daily NK, a website that tracks North Korea, says Pyongyang is believed to have been honing its capabilities since as far back as the mid-1980s.

According to Infosec Island, a cybersecurity blog, one attack in 2009 was instigated by the Reconnaissance General Bureau, a spy branch of the North Korean military. The bureau sold dozens of copies of infected computer games to someone in China who in turn resold the games in South Korea to operators of online games. The virus transformed users' machines into zombies for the purpose of launching DDos attacks against Seoul's Incheon International Airport.

Copyright 2013 NPR. To see more, visit http://www.npr.org/.

NPR

Kids' Films And Stories Share A Dark Theme: Dead Mothers

Why do so many animated movies star motherless kids? Sarah Boxer, a graphic novelist, cartoon-lover and mother, talks to NPR's Kelly McEvers about the phenomenon and the message it sends to children.
NPR

What If The World Cup Were Awarded For Saving Trees And Drinking Soda?

We thought you'd get a kick out of seeing how the four teams in the final World Cup matches stack up in global health and development.
NPR

What Will Become Of Obama's Request For Immigration Relief Funds?

NPR's Arun Rath talks to political correspondent Mara Liasson about the chances of a political agreement over how to handle the migration of thousands of Central American children.
NPR

Looking For Free Sperm, Women May Turn To Online Forums

Bypassing commercial sperm banks, thousands are logging on to websites where women can connect with men at no cost. Anecdotes abound, but the scope of the unregulated activity is unclear.

Leave a Comment

Help keep the conversation civil. Please refer to our Terms of Use and Code of Conduct before posting your comments.