Monday, May 27, 2013

North Korea: How the Least-Wired Country Became a Hacking Superpower

This year, North Korea has been flaunting its nuclear hardware in an effort to extort concessions from the United States and South Korea.

But the tactic has failed to provoke panic for one key reason: Officials doubt that Pyongyang would be stupid enough to start a nuclear war.

While nukes are better seen than used, and thus of limited blackmail value, dictator Kim Jong Un possesses a quieter weapon that's more readily unleashed — and has already become a serious nuisance: cyber war.

Experts say Pyongyang typically deploys it about once a year, although it's not always clear that North Korea is behind the attacks.

The most recent offensive hit Seoul in April 2013. The strike disabled anti-virus software, brought down ATMs across the country and froze online banking systems for days. About 30,000 computers had their hard drives wiped and went dead.

In an Austin Powers-style twist, the malicious software displayed pixelated skulls on the monitors of infected machines.

After initially saying the strike originated in China, officials tracked it to a specific Pyongyang neighborhood. A month before the assault erupted, they said, hackers had quietly planted a simple but devastating software program on computers at three South Korean television broadcasters and three banks. Authorities identified the code as a hard-drive wiper called "DarkSeoul," first identified a year ago.

Although this type of virus is relatively simple and has been around since the early 1980s, experts acknowledged that its impact was devastating. A computer security expert from Cisco, Seth Hanford, wrote that the "highly targeted" attack led to significant downtime and a "severe" loss of data.

On April 12, North Korea denied it was the culprit, but the South has maintained the accusation.

Although North Korea is among the poorest and most isolated countries, it is surprisingly adept at hacking — a testament to how dangerously accessible cyber warfare is to anyone who wants to pursue it.

Training a cyber brigade, it turns out, does not demand high levels of tech sophistication, and is a handy way to pester a far stronger foe.

A Convenient Arsenal

On the Korean battlefield — which remains manned 60 years after the end of the shooting war that divided the Koreas — the North is indisputably outgunned and outmaneuvered. That fact has led Pyongyang to adopt a modified guerrilla warfare strategy. As the Pentagon described it in a May report to Congress: "North Korea uses small-scale attacks to gain psychological advantage in diplomacy and win limited political and economic concessions."

In the 1970s and 1980s, Pyongyang sent agents on risky operations to sabotage South Korean targets and hijack one South Korean civilian airliner. In November 2010, the North launched an artillery barrage at an island near the DMZ, and sank a South Korean naval corvette in March 2010, leaving 46 South Korean sailors dead.

Strikes like these, however, can provoke dangerous retaliation. In contrast, cyber warfare supports the nation's military strategy, and carries less risk.

A digital offensive requires a "very low developmental cost and can bring catastrophic results," said Hyeong-wook Boo, an analyst at the Korea Institute for Defense Analyses, a think tank in Seoul. "The North Korean espionage team sees cyberspace as a very favorable place for its activities."

The threat has been looming since the late 1990s, when North Korea unleashed its first basic distributed denial-of-service (DDoS) attacks on its neighbor. Since then, the computer plots have become somewhat more sophisticated, targeting South Korean banks and businesses with malware and throwing the occasional wrench in the markets.

According to the National Intelligence Service, South Korea's spy agency, the North was probably behind six cyber attacks from 2008 to 2012. Two of the largest came in 2009 and 2011, when Seoul accused the North of sneaking malware into its biggest banks and attacking government websites.

In the first of these, the US was also a key target.

Starting on July 4, 2009, hackers activated a "botnet" of 50,000 hijacked zombie computers to coordinate three waves of assaults targeting the public websites of the Pentagon and White House. The denial of service attacks also disrupted the websites of the South Korean intelligence agency and a major South Korean newspaper, but did not bring them down completely.

Two years later, Seoul accused North Korea of unleashing a far stronger salvo of denial-of-service attacks on government and banking cyber-networks. The South Korean government said that North Korean hackers had gained control of the laptop of an IBM employee, who was a cyber security contractor for the large Korean bank, Nonghyup. (IBM did not respond to calls seeking comment.)

The sleuths managed to access the company's entire banking system. The attack was contained by government-backed antivirus programs, but authorities admitted they were worried by the magnitude of the onslaught.

The March 2011 attack turned out to be the most devastating so far. The episode, if committed by the North Korean military, demonstrated that while North Korea still hasn't reached an incredible sophistication in its hacking brigade, it still has the potential to wreak havoc with a well-placed and well-timed assault.

"They targeted the spots they've always wanted to target," said Andrei Lankov, a North Korea expert at Kookmin University in Seoul. "It is highly likely that this was committed by North Korea. They hit the banks, because they've always wanted to inflict damage on the South Korean economy. Their reason for attacking the media was to show contempt for them as mouthpieces."
