Panel points to major holes in South's cyber security
Korea JoongAng Daily

Home > National > North Korea

print dictionary print
Published: 09 Feb. 2023, 18:58 Updated: 09 Feb. 2023, 19:27

Panel points to major holes in South's cyber security

The British Embassy in Seoul hosted a panel discussion on deterring North Korean cyber attacks at the Four Seasons Hotel in Jongno District, central Seoul on Thursday morning as part of its Cyber Week series of talks. [BRITISH EMBASSY]

The British Embassy in Seoul hosted a panel discussion on deterring North Korean cyber attacks at the Four Seasons Hotel in Jongno District, central Seoul on Thursday morning as part of its Cyber Week series of talks. [BRITISH EMBASSY]

 
South Korea’s defenses against North Korean hackers are hampered by Seoul’s lack of clear guidance for private companies and the country’s balkanized cyber security market, a risk analyst said at an expert panel on Thursday.
 
The discussion, titled “Deterring North Korean Cyber Attacks,” was part of a two-day panel series at the Four Seasons Hotel in Jongno District, central Seoul, hosted by the British Embassy in Seoul as part of its Cyber Week that kicked off on Wednesday.
 
Nils Weisensee, director of news operations at the Korea Risk Group, said that South Korean cyber security could benefit from institutional and policy changes that encourage “a culture of exchange and open discussion of weaknesses” in the country’s online infrastructure, and called on the government to impose “financial costs” on companies that do not maximize their resilience and security measures against cyber attacks.
 
Weisensee also noted that cyber security companies in Korea “never talk to each other because they are competitors, with no one sharing information or intelligence about threats” — a state of affairs he contrasted with that of the United States, which he said was characterized by “a constant flow of ideas between experts” who “understand that no one wins if crucial information is withheld.”
 
He also identified South Korea’s reliance on multiple browser plug-ins and outdated software as “highly vulnerable singular points of weakness” that expose the country to attacks by North Korean hackers.
 
The attacks, which have recently focused on stealing from financial institutions and especially cryptocurrency exchanges, have increased in sophistication and brazenness in the past five years, mainly due to the adoption of tighter international sanctions in 2016 and 2017 that closed off the North’s other revenue streams, according to Oh Il Seok, a research fellow at Seoul’s Institute for National Security Strategy.
 
“It’s hard to see how further sanctions would deter North Korea’s malicious cyber activities, because North Korean cyber attacks are aimed at earning foreign currency to support its missile and nuclear weapons programs,” Oh said. “As sanctions have been tightened, we have observed that regime cohesion has actually increased.”
 
Blockchain analysis company Chainalysis released a report last week that said North Korea-backed hackers stole $1.7 billion through cryptocurrency heists in 2022 — a near-fourfold increase from the country’s previous record of $429 million in 2021.
 
Oh noted that deepening division between the United States and allies like South Korea and Britain on one side and Russia, China and North Korea on the other would likely only encourage North Korea to ramp up illicit cyber activities, given the lower likelihood that countries like Russia would enforce existing sanctions.
 
Fellow panelist Chai Kyung-hoon, who serves as director of the Foreign Ministry’s North Korean nuclear policy division, noted that the North has also found ways around international bans on its labor exports through its IT workers.
 
“Not only do North Korean IT workers raise hard currency for the regime by working for foreign, usually English-speaking companies under false identities, but they also procure information and materiel for missile and nuclear weapons components,” Chai said.
 
Oh observed that while North Korea’s IT workers are highly motivated to work for the regime as “it is one of the few ways they are permitted to leave their country,” South Korea’s top-tier IT workers tend to work for private companies that pay better than the government.
 
“Our countries need to train skilled IT workers who will go on to work in the public sector to be beef up our cyber defenses and responses,” Oh said.
 

BY MICHAEL LEE [lee.junhyuk@joongang.co.kr]
tags Korea British Embassy Cyber Week Foreign Ministry North Korea hacker hacking cryptocurrency theft sanctions cyber security

More in North Korea

Kim Jong-un spends $1.82 billion per year on elite perks, report says

North Korea criticizes U.S. sanctions against Iran

North Korean defections to South rise as 43 arrive in Q1, gov't data shows

North mined all roads connecting the two Koreas: JCS

North threatens retaliation against U.S. plans for new sanctions monitoring

Related Stories

Seoul sanctions North Korean hacking group Kimsuky

U.S., South Korea sanction more Northern entities

[Editorial] Centralize the effort to combat cyber warfare

South Korea issues first independent sanctions on North's cyber activities

[Editorial] Centralize the effort to combat cyber warfare (KOR)
Log in to Twitter or Facebook account to connect
with the Korea JoongAng Daily
help-image Social comment?
s
lock icon

To write comments, please log in to one of the accounts.

Standards Board Policy (0/250자)