« The Best Defense Against Cyber Insurgents is a Good Offense
County cyber crime detectives uncover many offenders »

North Korea’s Cyberspying Streak


Recent espionage incidents show that enemies in Afghanistan and North Korea aren’t as digitally unsophisticated as they seem.

A note on the new rules of international cyber intrigue: When it comes to stealing digital secrets, even the least likely Luddite may be snooping around in your servers.

That’s the lesson, it seems, that the South Korean military learned after hackers seemingly based in North Korea intercepted confidential defense strategy plans in November. The cyberspies accessed the documents after a South Korean military officer left a USB key plugged into his PC while switching from a highly secure private intranet to the public Internet, South Korean newspaper Chosun Ilbo reported Friday. The stolen materials, dubbed OPLAN 5027, detailed possible U.S. and South Korean responses or pre-emptive strikes against North Korea in case of an imminent military threat.

According to Chosun, that’s the second such cyber intrusion this year. Last month, the news outlet reported that the North Korean hackers had accessed emergency chemical accident response plans through South Korean army networks.

Proving that the theft incidents were carried out by North Koreans isn’t easy. The hackers were traced to an IP address in mainland China, but could have easily been using a Chinese computer compromised with malicious software. By some estimates, China has the most computers infected with that “bot” software of any country in the world, making it a convenient vessel for hackers seeking to protect their origins.

But Jim Lewis, a cybersecurity-focused researcher at the Center for Strategic and International Studies, (CSIS) says he has little doubt that North Korea has developed a cyber espionage program that puts it around the “second tier” of countries in terms of international espionage competence. In his former position as director of strategic trade at the U.S. Commerce Department, Lewis says he learned of North Korean military attempts to assemble IT capabilities as early as 10 years ago, often buying computer equipment in duty-free shops to avert the international trade embargo on the country and even sending government officials to programming classes in New York.

South Korean intelligence has determined that North Korea has a cyber intelligence group composed of somewhere between 500 and 1,000 people, according to Chosun’s November report.

Continue reading post on Forbes

Share This Post

, , , , , , , , , , , , , , , , , , , , , , ,

This entry was posted on December 22, 2009, 3:36 pm and is filed under country-China, country-North Korea, country-South Korea, cyber-espionage. You can follow any responses to this entry through RSS 2.0. You can leave a response, or trackback from your own site.

  1. No comments yet.
(will not be published)