North Korea’s cyber warfare unit was back in the spotlight on Tuesday after South Korean prosecutors blamed the North for launching an online attack that crippled computer operations at one of Seoul’s biggest banks last month.
Prosecutors pinpointed the North’s top intelligence agency, the Reconnaissance General Bureau, as the perpetrator of the attack that paralyzed the computer system of the National Agricultural Cooperative Federation, or Nonghyup, for weeks.
Calling the attack an act of “unprecedented cyber terror,” prosecutors said the pattern and methods of the April attack were identical to those used by North Korea. South Korea accused the North of launching cyber attacks on Web sites of government agencies and financial firms in March this year and last July.
Intelligence officials in Seoul believe that North Korea has about 1,000 hackers in its cyber warfare unit under the command of the Reconnaissance General Bureau.
The North’s reconnaissance bureau is run by Kim Yong-chol, who is believed in South Korea to have been involved in Pyongyang’s two deadly attacks last year ― the sinking of the Cheonan warship and the shelling of Yeonpyeong Island. The two attacks killed a total of 50 South Koreans, including two civilians.
It is also widely believed that some of the North Korean hackers were based in China, such as Beijing, Heilongjiang and Shandong, in an apparent bid to make it difficult to definitely identify the attackers quickly, according to the intelligence officials.
Last year, Unification Minister Hyun In-taek told lawmakers that, “It is a widely known fact that the source of cyber attacks via China is North Korea.”
Hyun, the South’s point man on North Korean policy, said his government has acknowledged the “seriousness” of the North’s cyber attacks.
Along with special forces, long-range artillery and underwater forces, cyber attacks have been categorized as one of North Korea’s “asymmetric military capabilities,” according to the South’s defense ministry.
To guard against the North’s growing cyber threats, South Korea’s military launched the Cyber Command early last year.
The information security command plans to more than double the number of its personnel to some 500, the defense ministry said.
A ministry official said the Cyber Command wasn’t involved in the investigation into the North’s cyber attack on Nonghyup because the probe is out of the command’s jurisdiction.
However, the command is “closely cooperating with the National Intelligence Service and police to cope with cyber threats from North Korea,” the official said.