According to the news published on Korea JoongAng Daily website, North Korea cyber army has been tracked attempting cyber attacks on Incheon International Airport systems spreading a virus planted in game programs.
The information has been provided by the Seoul Metropolitan Police Agency referring that a 39-year-old South Korean man was arrested for involvement and charged with violating the National Security Law.
The man, a game distributor, was arrested with the help of The National Intelligence Service as declared by police. The South Korean man in September 2009 traveled to Shenyang, northeastern China, to meet agents of an alleged North Korean trading company with to acquire software games to be sold in the South. It seems that the South Korean man was informed on the real identity of the agents that belonged to the North’s Reconnaissance General Bureau.
The Bureau is responsible for collecting strategic, operational, and tactical intelligence for the Ministry of the People’s Armed Forces and it is also responsible for infiltrating intelligence personnel into South Korea.
The South Korean man acquired dozens of games for a price that was a third the cost of the same kind of software in the South, but it has been discovered that the games were infected with a malware viruses and that the buyer was informed of its presence.
The games were sold by the South Korean man to operators of online games of his country, the virus infected the applications were used to transform user’s machine in a zombie of the botnets created with the purpose to launch distributed denial-of-service attack against Incheon International Airport. In March 2011, at least three times the airport has been attacked, fortunately without success thanks to the response of the intelligence.
The South Korean intelligence suspect that the attacks were prepared by North’s Reconnaissance General Bureau. In September a similar attack to the flight data processor paralyzed air traffic control at Incheon International Airport for nearly an hour.
The main concern is related to the spread of a virus, a cyber weapon used by North Korean government, to interfere with air traffic control at Incheon International Airport.
Many experts are sure that North Korea is conducing a massive cyber campaign against South Koreas to destroy critical infrastructures in the South such as power plants and water.
According source of intelligence of South Korea “The North’s Reconnaissance General Bureau has hired group of hackers, mainly located in China, to conduct attacks against strategic targets such as the the South.
Which are the cyber capabilities of North Korea?
North Korea has the highest percentage of military personnel in relation to population than any other nation in the world, with approximately 40 enlisted soldiers per 1000 people with a considerable impact on the budge of the country. Don’t forget also that North Korea has capabilities that also include chemical and biological weapons. A defector has declared that North Korea has increased its cyber warfare unit to staff 3,000 people and it is massive training its young prodigies to become professional hackers.
The large cyber force responds directly to the command of the country’s top intelligence agency, the General Reconnaissance Bureau. Last year satellite images related to the area that is suspected to host North Korea’s ‘No. 91 Office’ appeared online. The unit is based in the Mangkyungdae-district of Pyongyang dedicated to computer hacking, its existence was revealed in a seminar on cyber terror in Seoul.
According to the revelation of Army General James Thurman, the commander of US Forces Korea, the government of Pyongyang is massively investing in cyber warfare capabilities, recruiting and forming a high skilled team of hackers to be engaged in offensive cyber operations against a hostile government and in cyber espionage activities.
In more than one occasion the North Korea has threatened the South promising waves of attacks, and the cyber offensive option is the most plausible considering the advantage in terms of efficiency, noise, and political impact.
North Korea’s electronic warfare capabilities are second only to Russia and the United States, a South Korean expert claimed Thursday.
Professor Lee Dong-hoon of the Korea University Graduate School of Information Security said the North Korea’s electronic warfare capabilities are second only to Russia and the United States, a South Korean expert claimed Thursday.
“North Korea has been preparing for cyber warfare since the late 1980s and is now the third strongest after Russia and the U.S.,”
he said at the Defense Security Command’s defense information security conference in Seoul.
“In North Korea the state nurtures cyber (warfare) personnel to achieve military aims, and is capable of conducting various cyber attacks including denial of service and hacking.”
He quoted the distributed denial of service, or DDoS, attack in July 2009 that is suspected to have been launched by the Pyongyang Computer Technology University.
Recently, from April 28 until May 13, GPS signals were jammed here causing difficulties in air and marine traffic controls of South Korea, the origin of attacks was located on the North Korean boundary, no doubts that it was arranged by North Korean intelligence.
According to the security specialist, South Korea is not prepared to respond to the attacks arranged by Pyongyang governments and this consideration must induce serious concern regarding the critical political situation in the area.
The same opinion and concerns on North Korea’s cyber warfare capabilities are shared by the chief of the Defense Security Command Army Lieutenant General Bae Deag-sig that declared:
“North Korea is attempting to use hackers to infiltrate our military’s information system to steal military secrets and to incapacitate the defense information system,” Bae said.
“The military is updating the information protection policies and systems as part of the efforts to strengthen its response capabilities.”
North Korea, in the cyber scenario, is assuming a determinant role that approaches it important to the one related to historical cyber countries such as China and Russia. The evolution of the conflicts and its increasing propensity to adopt cyber operations should lead many concerns. In the short term to fight the cyber threat it is necessary a significant investment of the countries of the Asia Pac area in cyber warfare capabilities, South Korea first, I am unfortunately convinced that dialogue with North Korea at this time of profound change for the country is very difficult.
(Security Affairs – North Korea, Information Warfare)