Travels with Scott

UPDATE (3 July): Pyongyang denied it was responsible for the jamming. Thanks to North Korea Tech for the updated info (and my apologies for taking so long to post it).

North Korea has reportedly revived last year’s campaign to jam GPS signals in South Korea, harassing flights around both Incheon and Kimpo international airports. Affected airlines include Korean Air, United, and Delta, plus international freight carriers FedEx and UPS.

Last year’s jamming campaign only lasted for a few days, but this year’s has been ongoing since the end of April. The South plans to protest the North’s action (something I’m sure is keeping NK’s leaders awake at nights) to the International Telecommunication Union. Much handwringing and a very light slapping of wrists likely to ensue.

Unlike last year, there are no reports of the jamming affecting cellphone systems inside Seoul – perhaps due to SK Telecom (and presumably others) updating their systems to protect against NK jamming.

Interesting to see how NK, easily East Asia’s least technologically advanced country, is attempting to weaponize the technological sophistication of its rivals by finding and exploiting the new weaknesses of the networked era. Jamming GPS signals and launching hacker offensives at the South is a relatively cheap, safe, and punishment-free way of tormenting its neighbor, giving Pyongyang’s military and hardliners something to do, and developing a new chip to be traded away for some future benefit. Worth keeping an eye on.

Wow, it’s getting tough to run a website in South Korea. Between cyberattacks from North Korean intel agencies (possibly led by Kim Jong-il’s son and heir apparent, Kim Jong-eun) and the police raiding your offices to see who you’re spying on … stalking … collecting data on, life is getting tough for webmasters in Seoul.

Police and prosecutors announced earlier today that North Korea was behind an April attack on the South’s agriculture bank and cooperative, Nonghyup, that locked 30 million people out of their bank accounts for “several days.”  The North’s “Reconnaissance General Bureau” (read: intelligence agency) reportedly entered through a laptop belonging to a subcontractor (the name of that subcontracting company? A little outfit by the name of IBM.) last September, stole over a thousand pages of documents, before finally wreaking so much havoc on Nonghyup’s servers that it took down the bank’s electronic banking system.

Hmm, not making IBM look very good. Nor Nonghyup.

The other main story, the police raid, took place at the offices of both Google Korea and Daum, the popular Korean portal site. The police were reportedly looking for illegally collected private data, mainly from smartphone users. Nice to see at least one country values personal privacy.

All in all, a rough day for IBM, Google, Nonghyup, and Daum, though it is nice to see at least an attempt to protect users’ personal data. Most worrisome is North Korean state-run hackers using IBM to bring down the electronic banking system of a major South Korean bank. These online provocations don’t (so far) get as much attention as military provocations, but they are becoming both more frequent and more capable. It doesn’t take a genius to see more of this is coming – are we ready?

UPDATE (10 May): In a report carried by both Singapore Press and the Voice of America, North Korea denied it was responsible for the cyberattack on Nonghyup. It called the accusation an “anachronistic anti-DPRK (North Korea) farce and charade.” All of which means someone in the North is monitoring outside media reports and was able to issue a formal denial within a week – not a bad turnaround time for the North. They are obviously following these stories closely.

The “cyber cops” at South Korea’s National Police Cyber Terror Response Center announced today that North Korea was responsible for an early March cyber attack on South Korean websites (related posting here). The latest attack reportedly used the same techniques and IP addresses as a 7 July 2009 attack also blamed on the North. The latest attack reportedly harnessed 746 servers in 70 countries in a distributed denial-of-service (DDoS) attack on 40 South Korean websites.

With two attacks, both somewhat successful, and no repercussions, look for the North to continue this method of provocation, especially if Kim Jong-eun really is in charge of the unit conducting the attacks. Given the current (lack of) food situation in the North, an April or May provocation to help unite North Korea’s domestic populace during the depths of the food crisis is increasingly likely (ala last year’s attack on the Cheonan and shelling of Yeonpyeong Island / 연평도).