Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Building the Hybrid Cloud
- Connected Government: How to Build and Procure Network Services for the Future
- Continuing Diagnostics and Mitigation: Discussion of Progress and Next Steps
- Federal Executive Forum
- Federal Tech Talk
- The Intersection: Where Technology Meets Transformation
- Maximizing ROI Through Data Center Consolidation
- Moving to the Cloud. What's the best approach for me
- Navigating Tough Choices in Government Cloud Computing
- The New Generation of Database
- Satellite Communications: Acquiring SATCOM in Tight Times
- Targeting Advanced Threats: Proven Methods from Detection through Remediation
- Transformative Technology: Desktop Virtualization in Government
- The Truth About IT Opex and Software Defined Networking
- Value of Health IT
Shows & Panels
Experts: NKorea training teams of 'cyber warriors'
Tuesday - 3/26/2013, 9:12am EDT
AP Technology Writer
SEOUL, South Korea (AP) -- Investigators have yet to pinpoint the culprit behind a synchronized cyberattack in South Korea last week. But in Seoul, the focus is fixed on North Korea, which South Korean security experts say has been training a team of computer-savvy "cyber warriors" as cyberspace becomes a fertile battleground in the nations' rivalry.
Malware shut down 32,000 computers and servers at three major South Korean TV networks and three banks last Wednesday, disrupting communications and banking businesses. The investigation into who planted the malware could take weeks or even months.
South Korean investigators have produced no proof yet that North Korea was behind the cyberattack. Some of the malware was traced to a Seoul computer. Without elaborating, police said Monday that some of the malicious code also came from the United States and three European countries, South Korea's Yonhap news agency reported. But South Korea has pointed the finger at Pyongyang in six cyberattacks since 2009, even creating a cybersecurity command center in Seoul to protect the Internet-dependent country from hackers from the North.
It may seem unlikely that impoverished North Korea, with one of the most restrictive Internet policies in the world, would have the ability to threaten affluent South Korea, a country considered a global leader in telecommunications. The average yearly income in North Korea was just $1,190 per person in 2011 -- just a fraction of the average yearly income of $22,200 for South Koreans that same year, according to the Bank of Korea in Seoul.
But for several years, North Korea has poured money into science and technology. In December, scientists succeeded in launching a satellite into space aboard a long-range rocket from its own soil. And in February, North Korea conducted its third nuclear test.
"IT" has become a buzzword in North Korea, which has developed its own operating system called Red Star. The regime also encouraged a passion for gadgets among its elite, introducing a Chinese-made tablet computer for the North Korean market. Teams of developers came up with software for everything from composing music to learning how to cook.
But South Korea and the U.S. believe North Korea also has thousands of hackers trained by the state to carry its warfare into cyberspace, and that their cyber offensive skills are as good as or better than their counterparts in China and South Korea.
"The newest addition to the North Korean asymmetric arsenal is a growing cyber warfare capability," James Thurman, commander of the U.S. forces in South Korea, told U.S. legislators in March 2012. "North Korea employs sophisticated computer hackers trained to launch cyber-infiltration and cyber-attacks" against South Korea and the U.S.
In 2010, Won Sei-hoon, then chief of South Korea's National Intelligence Service, put the number of professional hackers in North Korea's cyber warfare unit at 1,000.
North Korean students are recruited to the nation's top science schools to become "cyber warriors," said Kim Heung-kwang, who said he trained future hackers at a university in the industrial North Korean city of Hamhung for two decades before defecting in 2003. He said future hackers also are sent to study abroad in China and Russia.
In 2009, then-leader Kim Jong Il ordered Pyongyang's "cyber command" expanded to 3,000 hackers, he said, citing a North Korean government document that he said he obtained that year. The veracity of the document could not be independently confirmed.
Kim Heung-kwang, who has lived in Seoul since 2004, speculated that more have been recruited since then, and said some are based in China to infiltrate networks abroad.
What is clear is that "North Korea has a capacity to send malware to personal computers, servers or networks and to launch DDOS-type attacks," he said. "Their targets are the United States and South Korea."
Expanding its warfare into cyberspace by developing malicious computer codes is cheaper and faster for North Korea than building nuclear devices or other weapons of mass destructions. The online world allows for anonymity because it is easy to fabricate IP addresses and destroy the evidence leading back to the hackers, according to C. Matthew Curtin, founder of Interhack Corp.
Thurman said cyberattacks are "ideal" for North Korea because they can take place relatively anonymously. He said cyberattacks have been waged against military, governmental, educational and commercial institutions.
North Korean officials have not acknowledged allegations that computer experts are trained as hackers and have denied many of the cyberattack accusations. Pyongyang has not commented on the most recent widespread attack in South Korea.