A new kind of war appeared after Sony hack: The cyberwar is much more obvious. We had heard of it by Snowden, and several other security specialists. But it was never so clear. OR HuffingtonPost has published a very interesting article on North Korea's online development. We transfer it to you.
Most North Koreans have never seen the Internet. Washington, however, suspects that it is behind Sony Pictures Entertainment's devastating hack, as well as several deadly cybercrime infiltrations in South Korea over recent years.
Experts say the Sony Pictures hack was the most expensive cyberattack ever caused to a US company. Sensitive documents, and terrorist threats, forced Sony to cancel the screening of "The Interview." Rumors want the studio to collapse, as the embarrassing revelations from tens of thousands of emails have been leaked exposing the company irreparably.
All indications are that despite widespread poverty, malnutrition and decades of US economic sanctions, Pyongyang has the resources to train thousands hackers.
Let's take a look at the country's suspected cyberwar capabilities as experts believe the authoritarian nation has a cyber program:
North Korea's CyberArmy
A former North Korean spy chief head says the number of hacker professionals employed by the country is from 1.000 to 3.000. The numbers come from the 2010 Seoul Information Office and a North Korean governmental leaked 2009. So everyone agrees that North Korea is training hackers in top schools to launch cyber attacks, especially in South Korea.
Demonstrator Kim Heung Kwang said hackers were trained at the University of North Hammung Industrial City. Hackers are funded and sent for study abroad (China and Russia).
In 2009, then-leader Kim Jong Il ordered a "cyber boost" and Pyongyang acquired 3.000 hackers, Kim said, citing a North Korean government document. The accuracy of the document cannot be confirmed.
Kim, who has lived in Seoul since 2004, believes that since then, more have been hired, and some have been based on China to penetrate foreign networks.
Simon Choi, senior security investigator at anti-virus company Hauri Inc. of Seoul, said North Korea's hackers had acquired their skills by launching several attacks in South Korea. Choi, who analyzes malicious code from North Korea, said the country's capabilities have improved and are able to turn malware into harmless computer code.
The cyber attacks of the past
Η Νότια Κορέα κατηγορεί τη Βόρεια Κορέα για τη διenergy τουλάχιστον έξι κυβερνοεπιθέσεων υψηλού προφίλ από το 2007 με πολλές ανεπιτυχείς προσπάθειες διείσδυσης σε συστήματα πληροφορικής επιχειρήσεων και κυβερνητικών υπηρεσιών. Σε έξι περιπτώσεις, οι hackers κατέστρεψαν σκληρούς δίσκους, παρέλυσαν τραπεζικά συστήματα και διέκοψαν την πρόσβαση σε ιστοσελίδες. Μερικές από αυτές τις επιθέσεις ήταν τόσο εξοντωτικές που σε μία περίπτωση μια τράπεζα της Νότιας Κορέας δεν είχε online τραπεζικές υπηρεσίες για περισσότερο από δύο εβδομάδες.
The first attack from North Korea took place on July 7, 2009 in the form of "denial of service" attacks on dozens of South Korean and governmentof the USA. The hackers caused heavy traffic from tens of thousands of "zombie" computers that they had managed to infect with malware. Initially, South Korea pointed the finger at North Korea. Some experts later said there was no evidence data that Pyongyang was behind the attack, but South Korea continues to see the attack as a prelude to a growing cyber threat from the North.
A similar penetration was conducted on 4 March of 2011. The hackers attacked about 40 sites in South Korea. The targets included websites from the South Korean Presidential Office, the Foreign Office, the National Intelligence Agency, US forces in Korea, and major financial institutions.
A month later, South Korean bank Nonghyup was the victim of a damaging cyber attack. The bank took more than two weeks to recover and continue online banking and ATM services. The South Korean authorities have come to the conclusion that North Korea was responsible for 12's 2011 April assault on XNUMX.
One of the most devastating attacks was 2013. On 20 March a cyberattack hit 48.000 computers and servers, blocking the country's banks for 2-5 days. Officials said they did not risk banking or personal data, but executives at three broadcasters were unable to connect to their systems for several days.
Three months later, on the anniversary of the launch of the Korean War, dozens of government websites and media companies have been hit by malicious code and denial of service attacks.
What will be the next step in North Korea?
Experts believe that for the devastated North Korea, the expansion of cyberwar is an attractive option, because it is cheaper. The development of malicious code is much faster than the construction of nuclear bombs or other weapons of mass destruction. Online attacks can also be performed anonymously.
It is also a battle that North Korea has little to lose. Unlike South Korea, where trade and many aspects of everyday life depend on the Internet, the North Koreans do not depend on the internet. In South Korea, a website breach or a online banking disorder may create a great deal of inconvenience.
"North Korea has very few computers with Internet access. "South Korea has a huge IT infrastructure that can suffer from attacks," said Choi, a security expert. The fact provides ample targets for North Korean hackers, he continued.
Close
All that the world knows about the potential of North Korea's cyber war comes mainly from North Korean intelligence officers who left the country before 2007 when the first major cyberattack South Korea was held.
North Korea's nuclear capabilities are a point of pride to the isolated nation, but the country has never openly admitted the existence of state-educated hackers.
North Korea has repeatedly denied Seoul's charges of cyber attacks in South Korea. In the case of Sony Pictures, North Korea said it was not them, but expressed their sympathy for those who did it.
