Home >> East Asia >> North & South Korea

     Email   Print 

Cyber attack on South Korea

Iqbal Ahmed - 9/13/2011

What should South Korea do to prevent future cyber attacks?

Globalization has united the world. But it has also made it vulnerable to cross-border crimes at the hands of the terrorists and hackers without having them to cross any border.

To combat cyber terrorism, South Korea must examine the following issues: a) How should intelligence factor into South Korea’s policy decisions? b) What intelligence do the policy makers of South Korea would like to have? c) How the intelligence would be obtained?

The cyber attacks:

In April 2011, a computer virus attacked 10 servers of South Korea’s agricultural cooperative known as Nonghyup, affecting 30 million users. They could not use ATMs and online services. On July 4, 2009 another malicious software virus attacked South Korea government websites through a “denial of service” scheme. Furthermore, the attack affected several U.S. government websites.

North Korea has been implicated into launching these cyber attacks. But the authorities in South Korea have yet to identify the source of these attacks.

How are these cyber attacks defined?

Experts call these cyber attacks asymmetric threats where weaker countries “inflict damage on a richer, more developed rival.”

How should intelligence factor into South Korea’s policy decisions?

The intelligence should provide South Korean policy makers a guidance to craft policies to combat future cyber attacks against its computer networks. The intelligence on the source of the malicious software will enable South Korea to examine its diplomatic relationship with North Korea, which, for example, could prevent any unprovoked military engagements from the North. A tactfully crafted diplomatic solution could stabilize the relationship between the two countries. We must bear in mind that the two countries are still technically at war.

Finally, the intelligence will enable South Korea to build a coordinated computer network defense system with its allies against cyber attacks.

What intelligence do the policy makers of South Korea would like to have?
First, the S. Korean policy makers must identify the source of the virus. The South Korean authorities have yet to identify the source of the malicious software. Second, the policy makers need to identify the vulnerable source(s) of S. Korean computer networks. For example, computer passwords in various financial sectors are generally considered to be “weak” in South Korea.

Finally, the security of the South Korean peer-to-peer file-sharing system needs be examined. The intelligence on cyber crimes would not work alone. They must be aligned with policy, public education, and improved technological infrastructure.

How the intelligence should be obtained?

The South Korea policy makers should gather intelligence about the cyber attacks from the following sources: a) Cyber Warfare Command; b) Cyber Terror Response Center. Both of these are South Korean intelligence agencies. Additionally, the intelligence must be gathered through a network of international communities dedicated to prevent cyber attacks. For example, developed countries like the U.S., Canada, New Zealand, UK, and Germany must forge a global partnership with emerging countries like India, China, Indonesia, and Philippines to build cyber network defense systems against cyber attacks.

To prevent any further damaging cyber attacks, South Korean policy makers must work closely with their intelligence community to build sustained and effective policies against cyber attacks. In doing so, South Korea must also rely on its allies and their resources to build a robust network defense system.