This is the first installment in a series of articles delving into South Korea’s cybersecurity challenges, mostly posed by North Korea, and efforts to tide them over. ― Ed.


South Korea boasts cutting-edge digital technology, efficient computer networks and the world’s top high-speed Internet penetration rate. But behind these feats is an unpalatable truth: A vulnerability to cyberattacks.

Cyber incursions by adversaries could paralyze financial, traffic, aviation and power supply centers, broadcasting networks, communications channels and state governance apparatuses, which could seriously impact people’s lives.
 

North Korea has proved its will and capability to mount such cyberattacks against South Korea in recent years, exploiting the easy accessibility and anonymity of the transnational cyber domain, and the difficulty of singling out a culprit for cybercrimes.

Analysts said that amid the fast spread of cybertechnologies and tools, each individual nation and the international community should focus more on crafting security measures and enhancing multilateral cooperation to fend off cyberattacks, which could be as devastating as physical military strikes.

“The continuously evolving multi dimensional character of information and cyber operations enables new types of ‘force multipliers’ ― the ability to operate rapidly against distant adversaries without the commitment of combat personnel,” said Michael Raska, research fellow at the S. Rajaratnam School of International Studies, Nanyang Technological University.

Hackers also have “the ability to act in secret by minimizing exposure, attribution and subsequent risks of counterattacks; and the ability to use cyberweapons to disrupt, deny, destroy, or subvert key nodes of critical national infrastructures. Together, these forms of attacks will evolve into new types of weapons of mass effectiveness.”

Mindful of the catastrophic fallout from potential cyberattacks, governments around the world including South Korea’s have been striving to nurture cyber experts, called “white-hat hackers,” develop their deterrence capabilities, and seek international collaboration.

But there has not been substantial progress, with the world failing to reach consensus over various issues including how to establish norms, laws and rules of engagement for cyberwarfare. Also, to what extent restrictions should be imposed in the cyberrealm ― an issue some argue could lead to a stifling of free, fair cyber activities.

In South Korea, cybersecurity has taken on greater importance in its defense policy in recent years as Pyongyang has launched a host of cyberattacks and electronic strikes by recruiting thousands of specially trained troops including some based in China and other foreign locations.

Pyongyang has used electromagnetic waves to jam satellite traffic navigation signals in the South and launched a distributed denial of service attack and other forms of cyberattacks on banks and the websites of major businesses and public agencies including Cheong Wa Dae, the National Assembly and the Defense Ministry.

Analysts said that the North has focused its military attention on developing asymmetrical warfare tactics, including cyber capabilities, as these can cause massive damage to its more affluent, technologically advanced enemies at low cost.

The North’s focus on cyber capabilities underscores its recognition that it cannot fight and win in a conventional war with the South due to outdated military equipment and a lack of financial wherewithal to wage and sustain a war, experts said.

“North Korea recognizes the technological superiority of South Korea and the U.S. and seeks means to undermine that superiority; cyberattacks can do just that,” said Bruce Bennett, senior defense analysts at the U.S. think tank RAND Corporation.

“If North Korea really does have several thousand hackers testing the Internet and businesses in the South on a day-to-day basis, they have likely penetrated many computer systems and established so-called ‘Trojan horses’ which they could turn to in a conflict situation, and use to damage or take control of those computers.”

The anonymous nature of cyberspace has further encouraged the North to pursue and actually carry out cyberterrorism, experts said. Each time South Korea blamed the North for cyberattacks, Pyongyang denied its responsibility, calling Seoul’s argument a complete “fabrication.”

In the wake of a series of North Korean cyberattacks, Seoul has sought to strengthen cybersecurity by establishing a cyberwarfare command, educational organizations and legal frameworks to push for cyber protection. Yet, those efforts have lost steam due to budget constraints, public apathy and growing conventional military threats from the North.

“After the serious cyberattack on March 20 last year, the presidential office of Cheong Wa Dae vowed to play a role as a cybersecurity control tower. But there has not been any organization built yet to enforce those efforts,” said Lim Jong-in, dean of Korea University’s graduate school of information security.

“We have thought much about cybersecurity. But those thoughts have not been put into action … part of the reasons why South Korea’s overall cybersecurity remains still weak.”

Apart from national and military efforts, private firms have also struggled to shield their computer networks from cyberattacks that could have a detrimental impact on their corporate image and protection of intellectual property.

“Basically, whatever our employees produce online, we regard it as our intellectual assets, and we, therefore, try to protect those assets considering that they might be linked with our trade secrets or our firm’s confidential information,” said an official of a South Korean conglomerate, declining to be identified.

“For cybersecurity, the company provides regular educational sessions to constantly raise security awareness, and keeps on strengthening physical protection mechanisms including one, for example, that prevents an employee from storing company documents in portable hard-drives or memory sticks.”

Analysts stressed that Seoul needs to establish a comprehensive, long-term cybersecurity strategy including more systematic measures to raise cyber specialists.

“Recognizing the progressive complexity of cyberthreats is the first step toward conceptualizing, planning and integrating a multilayered cyberdefense strategy in South Korea. South Korea’s defense planners must project the role of cyberwarfare in possible future conflicts on the Korean Peninsula,” said Raska.

“They must work to identify vulnerabilities, and draft guidelines for potential contingencies. They must recruit the best cyber specialists and pair them with defense and strategic experts; devise partnership links with commercial information security firms, and educate personnel.”

By Song Sang-ho (sshluck@heraldcorp.com)