Seoul still vulnerable to North Korea’s famed cyberwarriors
It seems the North intended to extract intelligence about the South’s diplomacy, security and unification policies, which indicates that a cyberwar between the two Koreas is still under way.
Hacking has emerged as a key security issue in the 21st century, and cybersecurity expert Sohn Young-dong offered advice to Korean individuals, enterprises and government institutions about how they should tackle the issue.
Sohn is a guest professor at Korea University’s Graduate School of Information Security and former head of the National Security Research Institute. After earning a master’s degree in IT policies at the Graduate School of Soongsil University, he spent seven years as an information communication reporter at the Korea Economic Daily from 1986.
Q. The leadership of Korea was hit by a hacking attack. Some have pointed out that the country has fallen into a cybersecurity crisis.
A. It’s disturbing to think of the reality that North Korea is monitoring South Korean state affairs. What’s more problematic is that a shocking revelation that the National Assembly had been hacked isn’t considered that big of an issue. It indicates that South Korea is extremely easygoing about cybersecurity. It’s a shame that leaders here have this lenient attitude that it’s okay as long as the attack doesn’t affect them.
How do you assess Korea’s cybersecurity status?
Foreign cyberwarfare experts and related institutions assess cybersecurity capacity in terms of three elements: ability to attack, ability to protect and policy. Korea, despite being equipped with a top-notch IT infrastructure, is so vulnerable to hacking that the nation’s comprehensive capacity isn’t even ranked in the world’s top 10.
How ready is Korea for a potential cybersecurity war? The Blue House has assumed control of the issue and has even seated a presidential secretary for cybersecurity. Do you think the system would work properly?
The National Intelligence Service is responsible for all the groundwork under the command of the Blue House. President Park Geun-hye has recruited a top cybersecurity expert as the special secretary for national security this year and established a new presidential secretary post wholly devoted to cyber security.
It’s true the government is showing a strong will to guard the national cybersecurity system. But related regulations, laws and human resources have yet to reach a sufficient level.
What part do you think needs to be supplemented?
The global trend is for each country to enact a comprehensive law on cybersecurity. Japan did so in November last year. But Korea has no law concerning cyberterrorism and cybersecurity.
The North’s recent hacking activity shows it may threaten not only national security but also South Korean individuals’ personal lives. What improvements could the government make in that aspect?
President Park should show digital leadership. She should spearhead governmental changes for citizens’ cybersafety and urge the general public to participate in the move. The United States has already defined cyberattacks as a national emergency situation.
How strong is North Korea’s cyberwarfare team?
North Korea has 1,500 full-time hackers. If military forces backing up those hackers are combined, the related workforce totals 6,800 - ample resources to attack us every day.
In terms of real-time traffic, North Korea is making one million attacks per day against the South. Many might assume North Korean hackers are inferior due to North Korea’s outdated Internet system. But that is never the case. Due to the absence of proper infrastructure, the country has few weak points. Some even say Kim Jong-un is so supportive that North Korea exceeds South Korea when it comes to the capacity to wage cyberwarfare.
How could the North develop those capabilities if international sanctions don’t even allow a high-end laptop to enter the country?
International regulations are meaningless to North Korea. What matters is their willpower. They are obsessed with cyberwarfare because it can be mobilized as a highly covert weapon due to the difficulty of identifying the perpetrator.
How does North Korea develop hackers?
They pick math prodigies at age 10 and train them to use computers. They grow as cyberwarriors after finishing college. Their object of practice and actual fight is South Korea because it has so many targets. The Central Intelligence Agency of the United States has ranked North Korea No. 3 in the world in cyberwarfare.
What about South Korea?
The National Cyber Command has around 500 hacking-related workers. Even if the police in the area are combined, there are less than 2,000 cybersecurity workers, less than one-third of those in North Korea.
South Koreans are anxious about how their daily lives could be impacted by a hack.
That is quite plausible. Cyberattackers normally choose national infrastructure - in finance, energy, transportation and media - over national defense facilities because its interruption can deal a huge blow to everyday people and cause social chaos.
Is it possible that North Korea’s present capacity makes possible the worst-case scenario of having a dam burst, electricity shut down or water supply cut off, like you might see in the movies?
Of course, it’s possible. Seoul Metro [which operates Seoul’s subway system] and large general hospitals have been hacked by those assumed to be North Koreans for months. The destruction of the Seoul Metro system will suspend the entire subway in Seoul. There are so many loopholes that it won’t be too farfetched to say Seoul is in the hands of North Korean hacking warriors.
What could individuals do to step up their cybersecurity?
You should change your IDs and passwords from time to time. That could prevent hacking by up to 90 percent. You should also update your antivirus software frequently. Chatting or sending emails or files over wireless Internet is dangerous. Doing so is tantamount to making your activities public.
BY CHAE IN-TAEK [firstname.lastname@example.org]