The latest round of electronic break-ins on Wednesday added to tension across the border, rekindling concerns over North Korea’s increasingly sophisticated cyber warfare capabilities.
Police launched an investigation after major broadcasters of KBS, MBC and YTN and Nonghyup and Shinhan banks reported a paralysis of their websites and computer networks.
The South Korean military notched up its special alert level called INFOCON from 4 to 3. The Korea Communications Commission said malware was used in the attack, but said state infrastructure remains intact.
“We can’t rule out the possibility for North Korea’s involvement but it’s also difficult to forejudge,” Defense Ministry spokesman Kim Min-seok told reporters, adding that it will take time to fully analyze the case.
Police launched an investigation after major broadcasters of KBS, MBC and YTN and Nonghyup and Shinhan banks reported a paralysis of their websites and computer networks.
The South Korean military notched up its special alert level called INFOCON from 4 to 3. The Korea Communications Commission said malware was used in the attack, but said state infrastructure remains intact.
“We can’t rule out the possibility for North Korea’s involvement but it’s also difficult to forejudge,” Defense Ministry spokesman Kim Min-seok told reporters, adding that it will take time to fully analyze the case.
Though no evidence was found yet, past incidents and their patterns point to Pyongyang as a likely culprit.
The North is believed to be behind two big cyber attacks in 2009 and 2011 on South Korean state agencies and financial institutions. Between April and May last year, hundreds of aircraft and ships here saw their global positioning systems hit by jamming signals traced to North Korea.
But the latest incident appears to entail higher-grade hacking skills including malicious codes, experts say, citing its scale and simultaneousness.
All telecom operators servicing the broadcasters and banks said their own communications networks suffered no damage.
“It seems to be purposeful hacking particularly aimed at the victims,” Nam Bo-hyun, head of security business at SGA, a local information security firm, told Yonhap News.
Park Chan-am, chief researcher of security technology at Raon Secure, suggested that these attacks could be more sophisticated than the previous distributed denial-of-service attacks.
The network crash came less than a week after North Korea threatened to retaliate against Seoul and Washington’s “persistent and intensive” cyber attacks that led a number of its official websites to break down for about two days.
Pyongyang has also threatened to exit from the 1953 armistice, launch “diversified precision nuclear strikes” on Seoul and attack South Korean border islands since the allies began their annual joint military drills this month.
Some of the threats were carried by the Supreme Command of the (North) Korean People’s Army and announced by Kim Yong-chol, the hard-line chief of North Korea’s Reconnaissance General Bureau. He was lately reinstated to a four-star general three months after being demoted to two-star rank.
The RGB is believed to have masterminded a series of attacks against the South, including the sinking of the corvette Cheonan and the shelling of Yeonpyeongdo Island, both in 2010, and a 2011 hacking assault that paralyzed Nonghyup’s banking system for several weeks.
Foreign Minister Yun Byung-se said Wednesday that the government was “thoroughly preparing for possible various provocations such as an additional nuclear test, long-range missile launch or attacks on western border areas.”
Military officials and experts see electronic warfare as a major threat from North Korea, on top of its conventional forces and ongoing ballistic missile and nuclear weapons programs.
U.S. Forces Korea Commander Gen. James Thurman said in October the regime had a “significant” and growing cyber warfare capability. He said last March it was training an increasing number of “sophisticated computer hackers” to launch cyber infiltrations and attacks.
Shin In-gyun, president of non-profit Korea Defence Network, has said Pyongyang has been delving into electronic warfare since 1981 and now has as many as 5,000 specialists in operation, whereas the South only began devising its own tactics three to four years ago and currently deploys around 250 experts.
Lee Dong-hoon, a professor at the Korea University Graduate School of Information Security, said last June that the heavily militarized country runs a 3,000-strong special cyber army under the direct control of leader Kim Jong-un.
That gives it the world’s third-largest electronic warfare resources after Russia and the United States.
“North Korea has been preparing for cyber warfare since the late 1980s and is now the third strongest after Russia and the U.S.,” he said at a defense information security conference.
“In North Korea the state nurtures cyber personnel to achieve military aims, and is capable of conducting various cyber attacks including denial of service and hacking.”
With global computer literacy rapidly improving, electronic break-ins are emerging as a major source of diplomatic spats and world powers are beefing up their cyber warfare capabilities.
The state-run Korea Internet Security Agency said it recorded around 40,000 cases of hacking assaults from domestic and foreign sources last year, up a whopping 67 percent from 24,000 in 2008.
The U.S. and China have also been engaged in a war of words over accusations of cyber attacks and thefts.
A U.S. security firm called Mandiant said last month it had traced hacking at more than 140 businesses to a military unit in Shanghai.
Beijing’s Defense Ministry said late last month that some 62 percent of U.S.-based hackers attacked two Chinese military websites 144,000 times a month on average last year.
U.S. President Barack Obama highlighted the importance of addressing cyber security threats, which represent a “shared challenge,” during his phone call with his Chinese counterpart Xi Jinping last week, the White House said.
By Shin Hyon-hee (heeshin@heraldcorp.com)