Major North Korean Cyber Attack on South

The US is ripe for attack.

South Korea believes that the North Korean regime is behind an act of cyber sabotage against a major bank in April and has profited from hacking into online gaming servers. The increasing cyber aggression should worry the West, as the North Korean regime is unpredictable and could also help other enemies of the U.S. carry out attacks of their own. Its hackers are only one order away from doing serious damage to the economy of one of its enemies.

The attack on Nonghyup Bank came through the infected laptop of a contractor. The hackers were able to use the laptop to disseminate viruses throughout the bank’s computer networks, and on April 12, half of its servers suddenly crashed. About 30 million people were unable to make online financial transactions or use the bank’s ATMs, and the bank lost important information.  Investigators traced the attack back to servers used in previous North Korean attacks, including one belonging to a regime entity in China. The sabotage was eventually linked to the North Korean regime’s Reconnaissance General Bureau. The lead South Korean investigator declared, “This was an unprecedented act of cyberterror involving North Korea.”

North Korea has also used its cyber warfare capabilities for illicit fundraising. The South Koreans have arrested five citizens for working with a group of 30 North Korean hackers in China. They stole $6 million from online gambling sites over two years. The hackers used programs to inflate the number of points they accumulated without actually playing any games. About 55 percent of the intake went to the hackers, and some of the rest went to the regime’s slush fund, which also contributes to its nuclear weapons program. The Korea Computer Centre of Pyongyang is thought to have orchestrated the scam.

Cyber sabotage is tempting for North Korea because it’s cheap and the victims can’t retaliate in kind. Computer access is a rarity in the North, and cyber attacks are not as likely to prompt a violent reaction. The North has been regularly taking advantage of its enemies’ reliance upon the Internet. In March, the North Koreans hit nearly 30 South Korean websites with denial-of-service attacks, including those belonging to the Defense Ministry and Office of the President.

In May 2009, the regime ordered its Lab 110 to “destroy” South Korean communications systems. The next month, the North attacked South Korean and American websites, including those of the U.S. Secret Service and Treasury Department. A North Korean spy was also arrested in South Korea for trying to steal information about Seoul’s railway systems. In 2009, the North’s cyber warfare unit hacked into a South Korean military network and obtained data about critical infrastructure.

North Korea carries out up to 15,000 cyber attacks on the South every single day. Its elite unit, whose capabilities rival that of the CIA, operates from a luxury hotel in China. One study says that the total cyber force numbers over 12,000 personnel and has an annual budget of $56 million. Defectors have put the number much higher at around 30,000. Secrecy surrounds the schools where hackers are taught, with one permitting access to only one outsider: Kim Jong-Il.

The students are often trained in China and Russia after graduating from North Korea’s schools. Their capabilities are rightly feared. One 2006 study concluded that they could “paralyze the U.S. Pacific Command and cause extensive damage to defense networks inside the United States." Richard Clarke, a former top terrorism advisor to the Clinton and Bush administrations, warns, “While a cyber attack on the United States seems like an irrational act for any nation state, North Korea regularly does things that seem like irrational acts.”

It is also possible that North Korea will help a terrorist group or Iran develop cyber warfare capabilities. In March, Iran officially started its own cyber warfare unit. The leader of it said it will “fight our enemies with abundant power in cyberspace and Internet warfare.” At a meeting between officials from the Iranian Revolutionary Guards and scientists around the same time, the U.S. power grids were reportedly named as the best target for a potential attack. It is believed that Iran’s cyber warfare forces consist of at least 2,400 personnel with an annual budget of around $76 million.

The U.S. and its allies must seriously address their vulnerabilities and come up with a declared policy on how to respond to cyber attacks. A member of the 2008 U.S. Commission on Cybersecurity said, “We’re playing a giant game of chess now and we’re losing badly.” Richard Clarke warns of an “electronic Pearl Harbor.”

For North Korea and our other enemies, the West’s Internet-dependent societies are ripe for attack. The economic consequences of even a single attack on a major financial institution can be devastating. The West is lucky it hasn’t happened yet, but that doesn’t mean it won’t happen in the future.