The Korea Herald

지나쌤

[Editorial] Cyber terrorism

By 최남현

Published : May 6, 2011 - 11:27

    • Link copied

The prosecution’s conclusion on Tuesday that North Korea was to blame for the paralysis of the computer network of the National Agricultural Cooperative Federation is a chilling reminder of the pariah regime’s determination and capability to launch cyber attacks against the South.

The prosecutors defined the North’s hacking into the NACF’s computer system as a new form of cyber terrorism.

Before the April 12 assault on the NACF, also called Nonghyup, the North had mounted distributed denial-of-service attacks against the South twice ― on July 7 in 2009 and March 4 this year. In both cases, the hackers temporarily disrupted homepages of government agencies and private companies.

But the attack on Nonghyup was completely different in that it aimed at destroying the computer system of a single target. The intrusion caused 273 of Nonghyup’s 587 servers to crash, paralyzing the bank’s online services for weeks.

What is troubling is the possibility of the North launching similar attacks on other targets. According to the prosecutors, several thousand computers in the South have become zombie computers by downloading the malicious programs the North’s hackers put on a file storage site in July last year. Of them, the North is known to be controlling some 200 with strategic value.

One of them was the laptop computer owned by an employee of IBM Korea who was in charge of maintaining Nonghyup’s computer network. The employee monitored the bank’s entire servers through his laptop. Aware of this, the hackers controlled it for seven months to make preparations for the attack.

The prosecutors said it is impossible to identify the zombies that have been under the North’s control since July. This means Pyongyang can launch cyber terrorism at other important targets. It is past time for the government to take the threat of cyber terrorism seriously and take steps to step up cyber security. Companies and public agencies are advised to follow basic security tips such as changing administrator passwords frequently.