The Korea Herald

소아쌤

China launches cyberattacks against South Korea in protest of THAAD: former US Navy commander

By Yeo Jun-suk

Published : April 27, 2017 - 16:04

    • Link copied

In protest against South Korea’s decision to deploy a US advanced missile defense system, China has conducted multiple cyberattacks against the South Korean government and business sectors, said a former US Pacific Fleet commander Thursday.

Retired Adm. Patrick Walsh, who is now vice president of customer education at American cybersecurity firm FireEye, suggested that there is “clear correlation” between the increased number of China-originated cyberattacks and South Korea’s decision to deploy the Terminal High Altitude Area Defense anti-missile system.

Retired Adm. Patrick Walsh, who is now vice president of customer education at American cybersecurity firm FireEye after serving as a commander of the US Pacific Fleet Command (Yonhap) Retired Adm. Patrick Walsh, who is now vice president of customer education at American cybersecurity firm FireEye after serving as a commander of the US Pacific Fleet Command (Yonhap)

“The correlation appeared to be clear. This is connected to the request by the South Korean government for the deployment of THAAD,” Walsh said at a press conference in Seoul.

“We have seen over time the evolution of Chinese espionage program. Early on, they have focused on defense industrial programs and the focus was on intellectual property theft. … Most recently, (we are seeing) the example of the THAAD hacktivism.”

According to the Wall Street Journal, the California-based cybersecurity firm claimed Chinese state-backed hackers have recently targeted South Korean entities involved in deploying THAAD. Among them were the South Korean government, military, defense companies and a big conglomerate, the company added.

The former navy commander reiterated the assertion, adding that China might have targeted entities and groups that support the THAAD system, rather than attacking the military platform itself.

“My understanding of where those attacks taking place had been more in the support of THAAD, rather than the THAAD system itself. … My understanding from open source, news release information is that THAAD system itself was not affected, but their supporting elements may have been targeted for the attack.”

While highlighting the vulnerability of the network system being used for the military platform, the admiral declined to comment on whether Chinese state-backed hackers could neutralize THAAD’s missile defense capability by hacking into the platform’s data-link system.

China has long opposed the deployment of THAAD in South Korea, saying its radar system can reach deep into its own territory and compromise its security. On Wednesday, China’s Foreign Ministry called for the withdrawal of THAAD, warning it would take the “necessary steps needed to protect” its own interests.

Describing China and Russia as the “most prevalent and skilled sponsor” for cyberattacks, the retired admiral suggested that Beijing has used the attacks as a means to advance its military technology, protect the Chinese Communist Party and enhance its geopolitical interest.

North Korea, on the other hand, has looked for more “symbolic objective” when engaging in cyberattacks, he noted, suggesting that the community country had used the attacks to protect the leadership’s image and promote national pride.

One example is Pyongyang’s cyberattack against Sony Pictures in 2014, when the film company tried to release “The Interview,” a comedy movie about a plot to assassinate North Korean leader Kim Jong-Un.

“The attack was destructive and explosive,” said Walsh. “In my country, it prompted the question of where and what is the role of the government when it comes to companies that are attacked by (a) nation state. The answer that we give is we don’t advocate offensive capability or hacking back,” he said.

By Yeo Jun-suk (jasonyeo@heraldcorp.com)