By Charles Miller
In April 2012, nearly half of the servers for the Nonghyup Bank of South Korea crashed all in one day. Thirty million customers were unable to use online services, ATMs were shut down for several days, and some important data were destroyed. After months of painstaking work, investigators found evidence indicating that they were dealing with a new kind of cyber attack and that its source was probably North Korea. This incident is now being described as the first known case of computer sabotage by one nation against the financial institutions of another country.
Conclusively identifying who ordered a cyber attack is notoriously difficult; there is no paper trail, it is easy for the perpetrators to cover their tracks, and the attack can literally come from every direction at once. Distributed Denial of Service (DDOS) is one form of attack in which thousands or even millions of computers around the world are infected with malware, then at a specified time all the infected computers mount a coordinated attack to overwhelm the target. This new world of cyber warfare offers poor nations inexpensive opportunities to inflict very expensive damage on a richer, more developed rival. The April 2012 attack caused such havoc that the South Korean bank pledged to spend almost a half billion dollars over four years to beef up their network security.
It is striking to compare the two belligerents in this attack. South Korea is the most wired country on the earth with over 90 percent of the population having access to high speed internet. South Koreans work, bank, shop, and store all kinds of records online. By contrast, North Korea is an isolated, impoverished communist state having only 1,025 allocated Internet IP addresses for the entire country. Since North Korea has no modern infrastructure, it appears their leadership feels no vulnerability to cyber warfare, and so they are working to develop offensive attack capabilities. This is one of the reasons why North Korea was suspected of being responsible for the recent attack against Sony.
Security experts who have investigated the 2012 bank attack say it shows North Korea possesses rudimentary cyber attack skills now, but that its growing expertise means it could next target military, communications, transportation, and critical infrastructure networks not only on the peninsula, but worldwide. It would seem completely irrational for North Korea to attack the US or Mexico, but former White House counterterrorism official Richard A. Clarke has co-authored the book Cyber War. He writes, “North Korea regularly does things that seem like irrational acts.” What to do about such a rogue nation state is something for which nobody seems to have any answers yet.
Charles Miller is a freelance computer consultant, a frequent visitor to San Miguel since 1981 and now practically a full-time resident. He may be contacted at 415 101-8528 or email FAQ8 (at) SMAguru.com.