National Assembly under attack“Cyberwarfare is the omnipotent sword that guarantees the People’s Army ruthless power to attack,” Kim Jong-un, North Korea’s National Defense Commission chairman, recently said to emphasize the importance of cyber warfare. His sword, once again, stabbed the heart of South Korea.
This time, the National Assembly was attacked.
The audit on the National Intelligence Service (NIS) showed that the computers and e-mails of Rep. Na Kyung-won, chairwoman of the foreign and unification committee; Rep. Kil Jeong-woo, former member on the committee; and a lawmaker on the National Defense Committee were all hacked.
This is a serious issue. Some computers of lawmakers and aides could still be infected “zombie” computers.
In North Korea, the General Reconnaissance Bureau is in charge of cyberwarfare. It is a massive organization with 1,700 experts and 4,200 supporting workers. But it’s more than just large. Dr. Byun Jae-jung of the Agency for Defense Development warned a decade ago that North Korea’s hacking ability is similar to that of the U.S. Central Intelligence Agency. At the time, many people said he was overestimating, but the series of cyberattacks carried out by Pyongyang since supports Bae’s analysis.
The North carried out a distributed denial-of-service (DDos) attack against the South on July 7, 2009. In 2011, the network of Nonghyup bank was paralyzed, and the server of the JoongAng Ilbo was attacked in 2012. In 2013, the networks of broadcasters and financial companies were paralyzed. The Korea Hydro and Nuclear Power was also hacked in 2014.
Almost every year, the South faced a major cyberattack, but we fail to find the source, not to mention mount any kind of retaliation. Based on the IP addresses in China used for the attacks and the methods, we can only suspect that the North was behind the attacks.
South Korea is known for its top-class information technology capabilities. If this is the case, why is it hit so severely by the North’s cyber attack so frequently? The biggest reason is the lack of the systemic countermeasures against cyberattacks. Our crisis management system for cyberterrorism is lame when it is compared to that of the United States, China, Japan and Russia.
In the United States, the White House takes charge, while the National Security Agency and the Central Intelligence Agency collect cyberterrorism intelligence, protect confidential information and carry out cyberoperations.
In China, President Xi Jinping is the highest in the chain of command of cyber security by heading the central Internet security of the Communist Party. The National Administration for the Protection of State Secrets - equivalent to South Korea’s NIS - and the Ministry of State Security are in charge of protecting confidential information and collecting intelligence.
But in South Korea, a bill to address these issues has been pending for three years, because opposition lawmakers protest any plan to give the NIS more authority.
Former President Roh Moo-hyun ordered the NIS to draft laws regarding cyberterrorism in 2006, and the bills were sponsored by the legislature during the past 17th and 18th National Assembly. But they faded without a meaningful discussion.
Cyberterrorism is not just virtual reality; it creates enormous damage. South Korea, with its easy access to Internet, is extremely vulnerable, while it is extremely difficult to penetrate the North’s intranet, named “Kwangmyong.” The South doesn’t even have a shield to protect itself from the North’s sword, not to mention having a weapon of its own.
“The North’s cyberattacks on the South are continuing, but the country is seriously insensitive to cybersecurity. The National Assembly, in particular, will be left in a blind spot, because it is an independent body,” Rep. Ha warned. And his warning became a reality when the legislature was hacked. But the legislature rarely talks with any seriousness about improving its cybersecurity.
Recently, lawmakers criticized the NIS’s recent purchase of hacking tools. Rep. Ahn Cheol-soo of the New Politics Alliance for Democracy, a cyber security expert, headed a committee to protect the people’s privacy, but he has failed to uncover any suspicions that the tools were used against civilians.
In the meantime, the National Assembly was seriously attacked by the North’s cyberwarriors. Rep. Ahn and other opposition lawmakers, however, are remaining silent on the attacks. Although they are extremely enthusiastic about protecting privacy, they are indifferent to protecting the country’s secrets.
It is a dereliction of duty for the legislature to do nothing about cybersecurity. Will it stop offering vaccines when an outbreak hits the country and kills the people?
JoongAng Ilbo, Oct. 23, Page 34.
*The author is an editorial writer of the JoongAng Ilbo.
by Cheong Chul-gun