'The Godfather of Anti-South Operations' Kim Yong-chol Returns... Offensive Intensifies
Concerns Over 'Election Interference' from North Korea, China, and Russia
Central Election Commission System Check... "Eliminate Manipulation Controversies"
1.37 Million Public Hackings in Japan in H1... Mostly Attributed to North Korea
The National Intelligence Service (NIS) anticipates that cyber operations targeting South Korea by hostile countries, including North Korea, will intensify ahead of next year's 22nd National Assembly elections. Particular attention was drawn to the recent return of Kim Young-chul, a former Labor Party South Korea Secretary known as the godfather of cyber operations, as an advisor to the United Front Department.
On the 19th, Baek Jong-wook, the 3rd Deputy Director of the NIS, held a press briefing at the National Cybersecurity Cooperation Center in Seongnam, Gyeonggi Province, stating, "With our general elections and the U.S. presidential election approaching, there is a possibility that cyber influence operations aimed at inducing changes in awareness or behavior will intensify."
Baek Jong-wook, 3rd Deputy Director of the National Intelligence Service. [Photo by National Intelligence Service]
Deputy Director Baek said, "Kim Young-chul is the figure who led past attacks such as the July 7 DDoS (Distributed Denial of Service) attack, the destruction of the NongHyup computer network, and the June 25 cyber attacks," adding, "There is also a possibility that large-scale cyber provocations, such as 'S/W (software) supply chain attacks,' could be used to induce social chaos for internal cohesion and turning points." He emphasized, "Not only North Korea but also China and Russia could intervene in the general elections if necessary," and added, "We are monitoring how they might be involved and are devising countermeasures."
The NIS has been conducting an initial inspection of the Central Election Commission's system since the 17th to secure the 'general election management system.' Deputy Director Baek explained, "This is to eliminate controversies about whether the election was manipulated or not and to verify the system's safety." He added, "After the inspection, we will be able to speak about the system's safety from a third-party perspective." Although they would like to support the systems of the National Assembly, ruling and opposition parties, and individual candidates, they plan to limit their role to explaining the cyber threat situation from North Korea, China, and others to avoid being perceived as 'interference.'
1.37 Million Daily Hacking Attempts... "Concerns Over Theft of Space and Defense Technologies"
According to the NIS, in the first half of this year alone, an average of 1.37 million cyberattacks per day were detected in the public sector by state-backed and international hacking organizations. This represents about a 15% increase compared to the 1.18 million daily attacks in the first half of last year. Approximately 70% of all attack attempts were attributed to North Korea, with China-linked organizations accounting for 4%, and Russian hacker groups 2%.
In particular, North Korea's supply chain software attacks have more than doubled compared to the second half of last year, and hacking techniques aimed at email theft are becoming more sophisticated, according to intelligence authorities. Hacking incidents targeting unspecified large groups continue, with a recent example being North Korea's creation of a phishing site that perfectly mimics the portal site 'Naver.'
Since the end of last year, there have even been attempts to temporarily take control of more than 10 million domestic PCs by attacking security company programs widely used for 'joint certificate login,' such as Inisafe and MagicLine. Furthermore, the NIS believes that this year North Korea is likely to focus on stealing advanced technologies in the space and defense sectors to develop intercontinental ballistic missiles (ICBMs) and reconnaissance satellites.
The NIS plans to strengthen its cyber threat response system through cooperation with allied countries and the private sector. An NIS official explained, "The security advisories exposing North Korea's illegal cyberattacks, issued three times this year in collaboration with intelligence agencies from the U.S. and Germany, have shown some effect." Similar advisories are expected to be released in the second half of the year in cooperation with intelligence authorities from the U.K. and Japan.
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
