N. Korea hit by large-scale cyber attack,repercussions in cyberspace

North Korea is the center of attention these days for its questionable political strategies and for the dispute raging with the entire West. The contrasts have an inevitable reflection even in cyber space, North Korea is considered one of the most aggressive and dangerous states of digital world.

Military tensions in the area is escalated dramatically after the North conducted its third nuclear test last month that has caused the immediate condemnation of the international community, Pyongyang responded to the subsequent UN sanctions menacing the use of nuclear weapons.

Western intelligence agencies known the attention given by Korean cyber militias to governments considered hostile. There are countless cyber operations of cyber espionage and more generally of cyber warfare against the West and the historical opponents such as South Korea.

Last week North Korea has been hit by a massive cyber attack according the declaration of a South Korean government official that also added the government of Seoul is investigating on the event denying every responsibility.

Russia’s ITAR-TASS news agency, which has an office in Pyongyang, reported the events on Wednesday night, all web sites of the country went offline until late Thursday afternoon.

“Internet resources of the country have come under a powerful hacker attack from abroad,” Russian agency reported.

The attack blocked popular propaganda web site such as the Rodong Sinmun and the Korean Central News Agency (KCNA).

“Internet servers operated by our republic have come under daily cyber attack(s) which are persistent and intensive”, The KCNA reported.

The agency accuses United States and South Korea for the attack defined as “a  “cowardly and despicable act” motivated by fear”.

The dimension of the attack suggests that it isn’t the work of an individual or a disorganized group, of course immediately the suspicions have focused on South Korea Government, Ryu Dong-ryeol at Ryu Dong-ryeol declared:

“It’s inconceivable that the Internet network of the North has been under hacker attack for such a long period of time,” “It’s likely that the regime has staged the incident itself as a way out of its current international impasse.”

Let’s analyze the cyber capabilities of both Koreas, in a previous post titled “North Korea scares the West” I wrote on North Koreas using following statements:

“North Korea has the highest percentage of military personnel in relation to population than any other nation in the world, with approximately 40 enlisted soldiers per 1000 people with a considerable impact on the budge of the country.  Don’t forget also that North Korea has capabilities that also include chemical and biological weapons.  A defector has declared that North Korea has increased its cyber warfare unit to staff 3,000 people and it is massive training its young prodigies to become professional hackers.

Intelligence sources in South Korea believe that the Nation has a large a cyber force that responds to the command of the country’s top intelligence agency, the General Reconnaissance Bureau.

The Reconnaissance Bureau of the General Staff Department is responsible for collecting strategic, operational, and tactical intelligence for the Ministry of the People’s Armed Forces, and this special units are responsible of the cyber attacks conducted in the last years against foreign countries like South Korea. The US military officials have reported to the House of Representatives Armed Services Committee that North Korea has large conventional military, has developed a worrying nuclear weapons programs, acquiring new capabilities in ballistic missiles sector and improving cyber warfare techniques.

According the revelation of Army General James Thurman, the commander of US Forces Korea, the government of Pyongyang is massive investing in cyber warfare capabilities, recruiting and forming high skilled team of hackers. The groups will could be engaged in offensive cyber operation against hostile government and in cyber espionage activities.”

According South Korea intelligence, the North cyber units are responsible for large-scale cyber attacks against the country occurred in 2009 and March 2011.

On the other side South Korean military set up the special cyber command in 2010 and established a cyber warfare school in 2012 with Korea University.

“South Korea is an IT superpower with good infrastructure but remains relatively vulnerable to hacking,” said Park Soon-Tai, manager of the agency’s hacking response team.

The training program was launched to increase the cyber capabilities of the country and to respond to  continuous  cyber attacks that hit South Korea. The Korea Internet Security Agency recorded 40,000 cases of cyber attacks from foreign and domestic sources in 2012, up from 24,000 in 2008.

The South’s military has also established  a special alert level system dubbed Infocon that reflects the current likelihood of an imminent cyber attack, the Infocon level passed from five to four due the tension in Korean area, a level defined by South Korea’s defense minister as a “general threat.”

Certainly what has been observed is just the beginning, the dispute between the two Koreas in cyber space involves, and will involve, an increasing number of states with unforeseeable consequences.

Pierluigi Paganini

(Security Affairs – Cyber warfare)

 

UPDATE 2013-03-20

S. Korea info networks paralyzed after suspected hack, Seoul points at North

South Korea has stepped up its information surveillance status following a suspected cyber-attack that paralyzed banks and broadcasters. A team of investigators is now looking at the origins of the cyber-assault.

South Korean police have issued a statement saying they are investigating reports of a hack attack that brought down a number of South Korean broadcasters, as well as two banks.

Among the broadcasters hit by the alleged hack attack were KBS, MBC and YTN networks, reported Yohap news agency.