Straight out of the textbook of asymmetric warfare, North Korea's thousand-plus hackers have allegedly succeeded in breaching the South Korean defense ministry's data center, stealing 235 gigabytes of military secrets.
It is equivalent to some 15 million pages of documents and includes classified plans jointly drawn up by the United States and South Korea. These contingencies include a surprise attack to assassinate North Korean leader Kim Jong Un and other important figures, according to South Korean lawmaker Rhee Cheol-hee of the ruling Democratic Party of Korea.
Rhee, a member of parliament’s defense committee, could not be reached for comment, but his office said he had been quoted correctly.
In this video, Defense Updates analyses the event and the implications.
Let's get started.
When North Korean hackers tried to steal $1 billion from the New York Federal Reserve last year, only a spelling error stopped them. They were digitally looting an account of the Bangladesh Central Bank, when bankers grew suspicious about a withdrawal request that had misspelled “foundation” as “fandation.”
Even so, Kim Jong-un’s minions still got away with $81 million in that heist.
Then only sheer luck enabled a 22-year-old British hacker to defuse the biggest North Korean cyberattack to date, a ransomware attack last May that failed to generate much cash but brought down hundreds of thousands of computers across dozens of countries — and briefly crippled Britain’s National Health Service.
Their track record is mixed, but North Korea’s army of more than 6,000 hackers is undeniably persistent, and undeniably improving, according to American and British security officials who have traced these attacks and others back to the North.
For decades Iran and North Korea have shared missile technology, and American intelligence agencies have long sought evidence of secret cooperation in the nuclear arena. In the cyber domain, the Iranians taught the North Koreans the basics of cyber espionage.
It was a copycat operation.
South Korea's military follows a rule that mandates keeping its computers connected to the Internet separate from those on the military intranet. Yet a "ridiculous mistake" of keeping one computer plugged into both for more than a year allowed the North Koreans to break in, according to the Wall Street Journal.
There is evidence Pyongyang has planted so-called digital sleeper cells in the South’s critical infrastructure, and its Defense Ministry, that could be activated to paralyze power supplies and military command and control networks.
The issue is not only that the surprise factor has been spoiled, but also that the ease with which Pyongyang managed to steal such vital information may very well limit the quantity and quality of intelligence Washington shares with Seoul.
War plans in general contain the number of troops to deploy, the types of weapons to be used and the areas to be targeted.
SOUTH VS NORTH CYBER SECURITY
The vulnerability is related to the extent that South Koreans are connected to the Internet. "As long as the whole society is dependent on the Internet, there will always be a vulnerability to cyberattacks," said professor Ken Kotani of Nihon University's college of risk management in Tokyo.
"You can raise the security level of the military and government all you want, but if private sector infrastructure is targeted they will not be able to withstand it."
North Korean society, on the other hand, remains largely unconnected and as such has an edge, Kotani said. "In the cyberworld, the attacker is always stronger."
Amid all the attention on Pyongyang’s progress in developing a nuclear weapon capable of striking the continental United States, the North Koreans have also quietly developed a cyberprogram that is stealing hundreds of millions of dollars and proving capable of unleashing global havoc.
Unlike its weapons tests, which have led to international sanctions, the North’s cyberstrikes have faced almost no pushback or punishment, even as the regime is already using its hacking capabilities for actual attacks against its adversaries in the West.
Intelligence officials now estimate that North Korea reaps hundreds of millions of dollars a year from ransomware, digital bank heists, online video game cracking, and more recently, hacks of South Korean Bitcoin exchanges.
One former British intelligence chief estimates the take from its cyberheists may bring the North as much as $1 billion a year, or a third of the value of the nation’s exports.
Inside the National Security Agency (NSA), just a few years after analysts had written off Pyongyang as a low-grade threat, there was suddenly a new appreciation that the country was figuring out cyber just as it had figured out nuclear weapons: test by test.
"Audio by Scott Leffler -- scottleffler.com"