The massive computer network failures at top TV broadcasters and major banks on Wednesday are another painful reminder that the nation remains highly vulnerable to cyber terrorism even after a series of similar attacks from North Korea in recent years.
According to reports, government investigators are analyzing the malicious programs they found on the crashed computer systems of the victimized companies, which included three TV broadcasters ― KBS, MBC and YTN ― and three banks ― Shinhan, Nonghyup and Jeju.
The malware is believed to have spread from update servers of the companies’ computer systems. An update server is a computer to which PCs on a network connect to receive file and antivirus (“vaccine”) updates.
Investigators said the viral code was programmed to destroy the master boot record of an infected PC, thereby making it unbootable and irrevocably damaging the data stored in the affected area.
It is still unknown who staged the cyber attack and for what purposes. But the simultaneous crash of the computer networks at multiple companies suggests that it was carried out by a well-organized group of hackers.
Investigators suggest that the perpetrators had made systematic and persistent efforts to infiltrate the computer systems of the targeted companies. The hackers probably waited until they could attack the targets simultaneously and maximize the impact.
In this regard, the government and the military point their fingers at the usual suspect ― North Korea. They note that the attack came five days after the North threatened to take revenge for what it called a “concentrated and persistent hacking attack” on its Internet servers.
The alleged hacking reportedly paralyzed the websites of the North’s state-run media outlets, such as the daily Rodong Sinmun newspaper and the Korean Central News Agency. The North blamed the United States and South Korea for the attack.
The North also has a track record of undertaking cyber terrorism. Although it denies responsibility, it has been found to have sabotaged the websites of the South’s government agencies and financial institutions over the past few years.
For instance, when a major daily newspaper suffered a cyber attack last June, the National Police Agency found that North Korea was responsible. The NPA also blamed it when a devastating attack brought down the computer system of Nonghyup in September 2010.
Yet it will take considerable time to determine who is responsible for the suspected cyber sabotage. If the North turns out to have engineered the hacking as suspected, the implications would be serious.
It could be a signal that the North has begun cyber warfare against the South in earnest. This means the North could target key infrastructure facilities in the South, such as the government’s backbone computer network and nuclear power plants.
In this respect, the attack should serve as an occasion to step up the nation’s preparedness against cyber terrorism. In recent years, the government and private companies have suffered hacking attacks several times. Each time, they pledged to ramp up preparedness. But their cyber security levels do not seem to have improved.
Now the government needs to come up with comprehensive measures against cyber attacks. It needs to recalibrate its strategies as hackers use more sophisticated technology. The hacking method used for Wednesday’s attack was more advanced than the one used in previous attacks on government agencies and other domestic institutions.
Going forward, cyber attacks will occur with increased frequency. The North has reportedly trained more than 30,000 hackers. To prepare for cyber warfare, the government needs to urge public agencies and private companies to invest in cyber security and set up multi-layer firewalls.
At the same time, it is necessary to raise awareness of the threat that cyber terrorism poses to national security. Public and private companies should be pushed to develop virus protection that includes educating employees about anti-virus procedures. Any prevention plan will be ineffective without actual user participation.
While reviewing the nation’s preparedness for cyber sabotage, the government needs to trace the culprits of the Wednesday attack and hold them responsible. At the same time, it needs to help the attacked companies restore their damaged computer systems and develop vaccines against the malware. Due to the lack of anti-virus software, the three broadcasters could not put their systems back online immediately.