Hannah Bae (South Korea) - How Safe are Our Defenses Against North Korean Hackers?

Compare the Internet ecosystems of South and North Korea, and it's no contest which is more advanced. North Korea has trouble supporting its basic electrical infrastructure, let alone online communication, while in South Korea 95 % of homes connect to high-speed Internet and commuters tap into brand-new 4G mobile networks.

Yet how are North Korean hackers a threat to South Korea's unquestionably advanced online infrastructure?

The answer comes down to investment, South Korean experts say.

"North Korea is strategically nurturing its cyber warfare unit," said Lt. Gen. Bae Deuk-shin, the chief of the South's military intelligence command, at a computer security forum last month.

The Kim Jong-il regime is funneling manpower and resources into this cyber warfare unit and sculpting elite, young computer prodigies into professional hackers."North Korea last year raised the status of its cyber warfare unit under the Reconnaissance General Bureau and increased the number of troops in the unit from 500 to about 3,000," defector Kim Heung-kwang said in a separate cyber terrorism seminar in Seoul last month.

In 2010, Won Sei-hoon, the head of South Korea's intelligence agency, was quoted as saying to lawmakers, "North Korea's cyber ability is remarkable," elaborating on the regime's nationwide hacking networks, which extend to a host of bases in China and Russia.

South Korea's heightened sense of alert comes on the back of a malicious cyber onslaught over the past several years, which the Seoul government blames in large part on North Korea. Most recently, news broke in early June about a presumed North Korean e-mail attack on South Korean military officers seen as an effort to steal defense data. Earlier, a major local bank suffered a debilitating cyber assault on its ATM and credit card services, paralyzing operations and affecting more than 20 million people.

On several separate occasions - such as this past March and twice in 2009 - hackers crashed the servers for South Korean governmental and corporate websites through DDoS (distributed denial of service) attacks.

Various government sources in Seoul pinpoint Pyongyang as the culprit, although some online security experts question these conclusions. "Our search into the route of the DDoS attacks on South Korean and U.S. sites found a line coming from China," Won, the intelligence chief, said in his testimony to lawmakers following the July 2009 strike. He added that the hackers' IP address was traced back to North Korea's Ministry of Post and Telecommunications.

While investigating this year's DDoS attacks, South Korean prosecutors and police found hackers used the same techniques and IP address as in 2009, leading them to believe they originated at the same source.

So what is South Korea doing to respond?

Last week, Seoul's military announced the expansion of its own cyber warfare unit, doubling the number of troops to 900. In addition, the defense ministry has moved the unit under its wing to enhance efficiency and collaboration with the private IT industry.

State regulators also announced new computer security requirements for financial firms and banks - ripe targets for North Korea's anti-capitalist regime - a few weeks ago. Heightened network security is a new priority, with chief executives to be held accountable for breaches.

In addition, South Korea, an IT powerhouse, hopes to capitalize on its own people's prowess through events such as the Hacking Defense Contest, managed by the state Korea Internet & Security Agency with corporate sponsors such as Microsoft and Symantec.

And the top prize in this competition is only fitting for capitalist South Korea: 10 million won, or about US $9,400.

By Hannah Bae, an American journalist based in Seoul. A former intern at the John S. and James L. Knight Foundation, she is a tech enthusiast. You can follow her on Twitter at @hanbae.



« Carl Leonard (Global) - The Cybercrime 'Five': Are All Hackers the Same? Part 1


Thomas Senger (UK) - Urban Myths: Will the Ultimate Goal of the Paperless Office Ever be Achieved? »