Tag cyber

Censored in South Korea?

As you can see from the flag graph to your right, I get my second largest number of visitors from South Korea. Go figure, given how many of my posts are about the Koreas.

However, according to How to Get Censored in South Korea, a 13 August article in the New York Times on growing Internet censorship in South Korea (never mind the North), certain content can get your site banned in the South. The Times article not only carries some of the banned content, it offers to share it with other websites.


NK Resumes GPS Jamming in SK

UPDATE (3 July): Pyongyang denied it was responsible for the jamming. Thanks to North Korea Tech for the updated info (and my apologies for taking so long to post it).

North Korea has reportedly revived last year’s campaign to jam GPS signals in South Korea, harassing flights around both Incheon and Kimpo international airports. Affected airlines include Korean Air, United, and Delta, plus international freight carriers FedEx and UPS.

Last year’s jamming campaign only lasted for a few days, but this year’s has been ongoing since the end of April. The South plans to protest the North’s action (something I’m sure is keeping NK’s leaders awake at nights) to the International Telecommunication Union. Much handwringing and a very light slapping of wrists likely to ensue.

Unlike last year, there are no reports of the jamming affecting cellphone systems inside Seoul – perhaps due to SK Telecom (and presumably others) updating their systems to protect against NK jamming.

Interesting to see how NK, easily East Asia’s least technologically advanced country, is attempting to weaponize the technological sophistication of its rivals by finding and exploiting the new weaknesses of the networked era. Jamming GPS signals and launching hacker offensives at the South is a relatively cheap, safe, and punishment-free way of tormenting its neighbor, giving Pyongyang’s military and hardliners something to do, and developing a new chip to be traded away for some future benefit. Worth keeping an eye on.


North Korea Continues to Expand Cyber Capabilities; Cheap, Domestic Alternative to Buying Weapons from China, Russia

Partly for work, partly for personal interest, I’ve been following reports on North Korea’s efforts in cyberspace, including a cyber-attack on Korea University, an attack on the South’s agriculture bank and cooperative, Nonghyup, and speculation that Kim Jeong-Eun was behind at least some of the cyber attacks prior to taking over the country in December upon the death of his father.

U.S. defense officials are also tracking North Korea’s cyber activities, saying in testimony on Capitol Hill today that the North has added “sophisticated cyber attack capabilities” that mark “a skilled team of hackers” as the newest addition to North Korea’s arsenal.

Given the limited ability to definitively trace and prove the origin of cyber attacks, I’m not sure how these new capabilities fit in with the North’s unique method of international relations. A method whereby the North intentionally creates and escalates international tension, before trading away a reduction in those tensions in return for aid from China, South Korea, and elsewhere. If cyber attacks can’t be traced to the North, how can the North use them as a bargaining chip?

Instead, the new cyber capabilities appear to be exactly what they were called on the Hill today – military weapons. The North will likely continue to expand and hone its cyber capabilities, including attacks on outside countries, viewing them as a cheap, domestically-produced alternative to weapons purchased from Russia or China. A weapon capable of use with far less backlash, or evidence, than shelling South Korean islands or torpedoing South Korean warships. These new cyber assets are less about generating aid than about improving military capabilities in a cost-effective, easily testable, relatively safe manner.

After all, which is easier, cheaper, and offers less potential blowback – building and testing a missile that can threaten the U.S., or developing a cyber capability that can accomplish the same thing?


SK Police Raid Google Korea; NK Hackers Take Down SK Bank

Wow, it’s getting tough to run a website in South Korea. Between cyberattacks from North Korean intel agencies (possibly led by Kim Jong-il’s son and heir apparent, Kim Jong-eun) and the police raiding your offices to see who you’re spying onstalking … collecting data on, life is getting tough for webmasters in Seoul.

Police and prosecutors announced earlier today that North Korea was behind an April attack on the South’s agriculture bank and cooperative, Nonghyup, that locked 30 million people out of their bank accounts for “several days.”  The North’s “Reconnaissance General Bureau” (read: intelligence agency) reportedly entered through a laptop belonging to a subcontractor (the name of that subcontracting company? A little outfit by the name of IBM.) last September, stole over a thousand pages of documents, before finally wreaking so much havoc on Nonghyup’s servers that it took down the bank’s electronic banking system.

Hmm, not making IBM look very good. Nor Nonghyup.

The other main story, the police raid, took place at the offices of both Google Korea and Daum, the popular Korean portal site. The police were reportedly looking for illegally collected private data, mainly from smartphone users. Nice to see at least one country values personal privacy.

All in all, a rough day for IBM, Google, Nonghyup, and Daum, though it is nice to see at least an attempt to protect users’ personal data. Most worrisome is North Korean state-run hackers using IBM to bring down the electronic banking system of a major South Korean bank. These online provocations don’t (so far) get as much attention as military provocations, but they are becoming both more frequent and more capable. It doesn’t take a genius to see more of this is coming – are we ready?

UPDATE (10 May): In a report carried by both Singapore Press and the Voice of America, North Korea denied it was responsible for the cyberattack on Nonghyup. It called the accusation an “anachronistic anti-DPRK (North Korea) farce and charade.” All of which means someone in the North is monitoring outside media reports and was able to issue a formal denial within a week – not a bad turnaround time for the North. They are obviously following these stories closely.



SK Cops: North Responsible for March Cyberattack

The “cyber cops” at South Korea’s National Police Cyber Terror Response Center announced today that North Korea was responsible for an early March cyber attack on South Korean websites (related posting here). The latest attack reportedly used the same techniques and IP addresses as a 7 July 2009 attack also blamed on the North. The latest attack reportedly harnessed 746 servers in 70 countries in a distributed denial-of-service (DDoS) attack on 40 South Korean websites.

With two attacks, both somewhat successful, and no repercussions, look for the North to continue this method of provocation, especially if Kim Jong-eun really is in charge of the unit conducting the attacks. Given the current (lack of) food situation in the North, an April or May provocation to help unite North Korea’s domestic populace during the depths of the food crisis is increasingly likely (ala last year’s attack on the Cheonan and shelling of Yeonpyeong Island / 연평도).