A growing cyberthreat

The prosecution and the National Intelligence Service have launched an investigation into a local information technology company owner’s alleged collaboration with North Korean hackers to help them access our computers in the South. More than 100,000 PCs were presumed to have been infected with malignant code due to the North’s hacking attempts.

The nation’s top spy agency conducted a search and seizure raid on the IT company owner’s office and residence and on Internet servers involved with the cyberattacks under the direction of the Seoul Central District Prosecutors’ Office. The prosecution believes North Korean hackers have already turned a large number of computers in the South into “zombie PCs” by using server connection IDs and passwords provided by the company owner. The prosecution and the intelligence agency plan to summon the owner, surnamed Kim, for further investigation because of the strong possibility that Kim - who worked for a South-North IT joint venture in China - worked for North Korean operatives. The truth of the cyberterror will be revealed after the prosecution’s analysis of the confiscated materials and the interrogation of Kim.

What attracts our attention is that a “botnet” - which refers to a large number of compromised computers that are used to generate spam, relay viruses or flood a network or Web server with excessive requests to cause it to fail - can function as a resident spy. The “zombie army” can be mobilized for massive cyberwarfare, often using DDoS attacks. It’s a terrifying idea that computers in our offices and homes are remotely controlled by North Korean hackers. The prosecution concluded that large cyberattacks against major news organizations and financial institutions in March and the hacking of the homepages of the Blue House and the Prime Minister’s Office in June are all attributed to North Korea. The joint civilian, government and military response team said North Korean hackers had thoroughly prepared for the attacks by planting malignant codes five to six months earlier.

Whenever a colossal hacking occurred, the government singled out Pyongyang without follow-up measures to prevent any recurrence. Despite the administration’s announcement of comprehensive policies, it has been under fire for the lack of detailed action plans. The government must demonstrate determination to safeguard national security and public safety in cyberwars with the North. It must substantially enhance our capabilities to fight cyberwars by enacting a law on national cyberrisk management and training top-level experts in cybercounterterrorism.