For North Korea’s cyber army, long-term target may be telecoms, utility grids

For North Korea's cyber army, long-term target may be telecoms, utility grids

A world map, with the Korea peninsula marked in red, is seen as a hotel receptionist talks on the phone in Rason city, northeast of Pyongyang, August 29, 2011.

Credit: Reuters/Carlos Barria

SEOUL (Reuters) – The hacking attack on Sony Pictures may have been a practice run for North Korea‘s elite cyber-army in a long-term goal of being able to cripple telecoms and energy grids in rival nations, defectors from the isolated state said.

Non-conventional capabilities like cyber-warfare and nuclear technology are the weapons of choice for the impoverished North to match its main enemies, they said.

Obsessed by fears that it will be over-run by South Korea and the United States, North Korea has been working for years on the ability to disrupt or destroy computer systems that control vital public services such as telecoms and energy utilities, according to one defector.

North Korea‘s ultimate goal in cyber strategy is to be able to attack national infrastructure of South Korea and the United States,” said Kim Heung-kwang, a defector from the North who was a computer science professor and says he maintains links with the community in his home country.

“The hacking of Sony Pictures is similar to previous attacks that were blamed on North Korea and is a result of training and efforts made with the goal of destroying infrastructure,” said Kim, who came to the South in 2004.

The North’s most successful cyber-attack to date may be the hacking at Sony Corp that led to the studio cancelling a comedy on the fictional assassination of North Korean leader Kim Jong Un.

Although not officially accused by Washington, U.S. government sources said on Wednesday that investigators had determined the attack was “state sponsored” and that North Korea was the government involved.

“They have trained themselves by launching attacks related to electronic networks,” said Jang Se-yul, a defector from North Korea who studied at the military college for computer sciences before escaping to the South six years ago, referring to the North’s cyber warfare unit.

For years, North Korea has been pouring resources into a sophisticated cyber-warfare cell called Bureau 121, run by the military’s spy agency and staffed by some of the most talented computer experts in the country, he and other defectors have said.

Most of the hackers in the unit are drawn from the military computer school.

“The ultimate target that they have been aiming at for long is infrastructure,” Jang said.

ATTACKS ON THE SOUTH

In 2013, South Korea blamed the North for crippling cyber-attacks that froze the computer systems of its banks and broadcasters for days.

More than 30,000 computers at South Korean banks and broadcast companies were hit in March that year, followed by an attack on the South Korean government’s web sites.

An official at Seoul’s defense ministry, which set up a Cyber Command four years ago, said the North’s potential to disrupt the South’s infrastructure with cyber-attacks is an emerging threat but declined to give details.

South Korea‘s intelligence agency declined to comment on networks that remain vulnerable to North Korean hacking. Its national police, which runs an anti-cyber crimes operation, also did not have comment.

But officials at the country’s gas utility and the operator of 23 nuclear reactors that supply a third of the electricity for Asia’s fourth largest economy said contingency plans are in place to counter infiltration.

“We have been more vigilant since last year’s hacking on banks,” an official at the state-run Korea Hydro & Nuclear Power Co Ltd said. “We have separated networks for internal use from the outside.”

An official for Korea Gas Corp, the world’s largest corporate buyer of liquefied natural gas, said it has been working with the National Intelligence Service against potential cyber threats.

But highlighting the vulnerability to hacking, the network of Korea Hydro & Nuclear Power was recently compromised, resulting in the leak of personal information of employees, the blueprints of some nuclear plant equipment, electricity flow charts and estimates of radiation exposure on local residents.

Preliminary investigations have found no evidence that the nuclear reactor control system was hacked but an added layer of alert against cyber infiltration has been ordered for major energy installations, the Industry and Energy Ministry said on Friday.

Although North Korea diverts much of its scarce resources to the military, its outdated Soviet-era tanks, planes and small arms are at a stark disadvantage to next-generation capabilities of its adversaries. 

It has, however, invested significant time and money in its asymmetric warfare capabilities, which include a vast fleet of mini-submarines and thousands of state-sponsored hackers.

“When you look at military capabilities, there are various aspects like nuclear and conventional. But with the economic environment and difficulties (the North) faces, there is bound to be limitation in raising nuclear capabilities or submarines or conventional power,” said Lim Jong-in, dean of the Korea University Graduate School of Information Security in Seoul.

“But cyber capability is all about people…I believe it is the most effective path to strengthening the North’s military power.”

(Additional reporting by Meeyoung Cho, Kahyun Yang and Hyunyoung Yi; Editing by Raju Gopalakrishnan)

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.