South Korean Cyberspace Under Assault From North Korean Hackers via China


Just as July was ending, the South Korean cyberspace was rattled when their social networking sites Nate and Cyworld were attacked by Chinese hackers.  Then just as August has started, the South Korean cyberspace fell once more at the hands of hackers as malicious computer software was unleashed by North Korean hackers hired by a South Korean crime ring to work in China.  Five suspected hackers are already in custody of the South Korean Police.

The hackers were said to be graduates from elite North Korean universities and were hired to hack an online gaming website to steal personal information, which was used by the South Korean crime ring to create virtual players that they then sell to other online gamers to increase their winnings. The hackers received 55% of the revenue from the sale of the identities.

These recent attacks are said to be a move done by one ‘state actor’ which is being reluctantly named but recent reports regarding hack attacks are pointing to China.  The relation of these attacks with the ones done by Anonymous and LulzSec are also being scrutinized.

“These types of exploitations have occurred relentlessly for at least a half decade, and the majority of the recent disclosures in the last six months have, in fact, been a result of relatively unsophisticated and opportunistic exploitations for the sake of notoriety by loosely organized political hacktivist groups such as Anonymous and Lulzsec,” Dmitri Alperovitch wrote on his report.

So, why, you ask, are these hackers attacking social networks and online gaming?  To boost their popularity or just because they can?  The simplest answer is this: M-O-N-E-Y.  Social networks and online gaming have received a lot of cash from users because of sheer popularity.  People are willing to spend a dollar to thousands of dollars just so they could achieve the highest level in a game or to purchase anything that their game character might need or just to ‘bling’ up their characters.  Take for example Diablo III, players will soon be able to use actual money to purchase virtual weapons, armor, and items.  Much like what PayPal does for Facebook gamers, they sell virtual cash that you can spend on your favorite games especially if they can’t wait for their energy or cash refill.

Though China is being pin-pointed as the culprit in many other cyber-attacks, there’s little evidence to prove that, mostly speculation and innuendo as analysts report that amateurs have been doing the attacks and not elite Chines commandos. To wit, it’s important not to jump on a bandwagon that this is the act of the Chinese government, when it looks like people using Chinese IP addresses.

Whoever is doing these attacks is making a point, no one is safe.  As long as you’re using the Internet, you are vulnerable.  So what can you do to avoid becoming a victim?  Don’t store sensitive data on your computer without protecting it and don’t put your sensitive information online willy-nilly.

“The problem is there isn’t really a great defensive strategy. If you’re on the Internet, you’re visible to the entire world … It’s very hard to protect yourself against every possible thing they can think to do to you,” said Queen’s University computing security expert David Skillicorn.