Korea and China are on the verge of a cyberwar as Chinese hackers that crashed the website of Lotte Duty Free are reportedly seeking to expand their attacks to more Korean public and private websites.

Around 30 Korean public and company websites have so far been hacked by Chinese hackers, according to local news reports. These included relevant sites for the PyeongChang 2018 Olympics and the 2017 WTF World Taekwondo Championships webpage, alongside homepages of private firms such as English-language learning company Leaders Edu.

The most prominent attack was on retail giant Lotte’s duty-free shop website early this month. Its four home pages in Korean, English, Japanese and Chinese could not be accessed. The attacks brought about around 500 million won ($431,000) in losses and Lotte Mart in China has decided to close its website as of Thursday.

“We decided to temporarily close the website out of the fear of further attacks. What is worse, as the anti-Lotte sentiment in China appears to have become anti-Korean sentiment, more Korean companies may struggle,” said a Lotte Mart official said. 

The hackers are attacking websites either by website defacement -- an attack on a website that changes the visual appearance of the site -- or a Distributed Denial of Service (DDoS) attack, which involves an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources. Both are intended to instill a sense of fear in the public.

“If the hackers move to attack public infrastructures such as banks and airports beyond creating an emotional shock, this may become a very serious situation and lead to a cyberwar between the two nations,” said Lim Jong-in, a professor at the graduate school of information security at Korea University.

“If that escalates into a cyberwar, Korea is still not capable of blocking the attack with its current capacity and personnel,” he added.

Currently, China has around 100,000 personnel for its cyber control tower while South Korea has around 600.

The state-run Korea Internet & Security Agency recently posted an announcement on its website, encouraging the public to upgrade their web applications such as their home page content management system and check websites’ weak spots by using KISA’s tools.

“What we can do for now is to monitor local websites and give technical support when attacks are found. Still, making any pre-emptive move for an attack is under the jurisdiction of political or investigative agencies,” said Jeon Kil-soo, chief of the Korea internet security center at the Korea Internet & Security Agency.

By Shin Ji-hye (shinjh@heraldcorp.com)