South Korea needs to take action to deal with Pyongyang’s hackers
South Korean policy makers are calling for urgent measures to deal with hacking by North Korea.
“The regime in Pyongyang views cyber attacks as a panacea and an insurance policy. They are intensively training hacking experts,” said Park Choong-kwon, a defector who is now a ruling People Power Party lawmaker in South Korea’s National Assembly.
Pyongyang has stolen 4 trillion won worth of cryptocurrency through cyber attacks, Park said. It has also stolen large amounts of personal information and sought to cause social disruption in South Korea through malicious comments and fomenting of internal conflict.
Park made the comments at a seminar held on July 3 under the theme of “The Reality of North Korean Hacking and Countermeasures.”
There is no doubt as to the intensity of North Korea’s efforts in this disruptive direction. According to the security analysis firm Logpresso, there were over 13,000 hacking attacks over the past year.
South Korean security experts pointed out that while past attacks were institution-focused, tactics have shifted towards individuals with weak security by spreading malware through phishing sites.
The evolution of North Korea’s hacking technology is rooted in its concerted efforts since 1995 to secure cyber capabilities. That was when it developed the first strategic plans and techniques, and established cyber units as well as a command system for cyber warfare.
The hacking attacks became apparent around 2009. Starting with the 7.7 DDoS attacks in July 2009, they caused a network disruption at Nonghyup Bank, one of South Korea’s leading banks, in 2011. In 2012, they hacked the JoongAng Ilbo newspaper. Other notable incidents attributed to North Korea include the March 20, 2013, attack on several government and private sector websites, the 2014 Sony Pictures hack, the 2016 Interpark personal information leak, and attacks on South Korea’s internal defense network.
Techniques have continuously evolved. An example of this is the cryptocurrency theft using ransomware in 2017 when, through the ‘WannaCry 2.0’ ransomware attack, North Korea paralyzed aviation, rail, and medical networks in 150 countries, demanding cryptocurrency in exchange for restoring the systems.
On May 16 this year, the U.S. Department of the Treasury identified North Korea and Russia as the most threatening countries in the field of proliferation finance, which refers to the financing of weapons of mass destruction..
Specifically, it pointed out that North Korea continues to engage in malicious cyber activities, such as hacking virtual asset providers and conducting ransomware attacks, to generate illegal profits in both fiat and virtual currencies.
The United Nations Security Council Sanctions Committee on North Korea has also mentioned Pyongyang’s revenue generation through cyber attacks in past panel reports. According to the committee, ransomware targets have included medical institutions and critical social infrastructure worldwide. It said 40 percent of the profits from these activities were directed toward nuclear weapons development and other regime priorities.
Hacking strength lies in training
The irony of its hacking prowess is that North Korea allows only a very small number of people to access the Internet.
Elite Senior High Schools have been established to train hackers. In Pyongyang, Namsan High School, Kumsong Senior High School, and Second Middle School were reorganized to include special computer classes with talented children selected at the city, county, and district levels.
During the six-year curriculum at Kumsong Middle School, for example, students focus intensively on algorithm writing and programming and then go on to study at the College of Computer Science at Kim Il-sung University, Pyongyang University of Computer Technology, KimChaek University of Technology, Hamhung University of Computer Technology, and other scientific universities.
There, they undergo advanced training in command automation, computational operations, and technical reconnaissance.
By the time they reach their twenties, this rigorous system has transformed the best and brightest into world-class cyber warriors.
The skills of these students, particularly those who have passed through Kumsong Middle School, are evident from the fact that KimChaek University of Technology and Kim Il-sung University swept the top four positions in a monthly hacking competition hosted by the American IT global company Hackers in May last year.
“North Korea focuses on its cyber capability because it is less costly to establish and maintain,” said Kim Heung-kwang, who lectured at Hamhung University of Computer Technology. “Moreover, unlike high-risk physical military actions, cyber power can paralyze command systems, making it highly effective even during peacetime.”
He added that the attackers do not use North Korean IP addresses. “The reality is that unless these people are apprehended in China, it is impossible to hold North Korea openly accountable,” he said.
Despite the increasing severity of North Korea’s cyber attacks, there are no effective countermeasures.
“South Korea urgently needs to establish relevant laws and systems, such as a Basic Cybersecurity Law, similar to those in the US and the EU,” said Kim, a North Korean political scientist.
- North Korea tries to attract foreign investment - August 23, 2024
- Ministries under pressure to meet research goals and improve conditions for scientists and engineers - August 16, 2024
- North Korea develops agricultural drones - August 2, 2024