Institute for Ethics and Emerging Technologies

The IEET is a 501(c)3 non-profit, tax-exempt organization registered in the State of Connecticut in the United States. Please give as you are able, and help support our work for a brighter future.

Search the IEET
Subscribe and Contribute to:

Technoprogressive? BioConservative? Huh?
Quick overview of biopolitical points of view

whats new at ieet

Will World War 3 Be Prevented Because of Global Interdependence?

The Injustice of Sexism

NASA Can Get Humans to Mars by 2033 (Without a Budget Increase!)

Where does intelligence come from?

8th Beyond Humanism Conference

The Universal Balance of Gravity and Dark Energy Predicts Accelerated Expansion

ieet books

Philosophical Ethics: Theory and Practice
John G Messerly


instamatic on 'NASA Can Get Humans to Mars by 2033 (Without a Budget Increase!)' (May 26, 2016)

almostvoid on 'Where does intelligence come from?' (May 26, 2016)

almostvoid on 'The Future of PR in Emotionally Intelligent Technology' (May 25, 2016)

almostvoid on 'Rituals Improve Life According to Ancient Chinese Philosophers' (May 25, 2016)

almostvoid on 'Optimize Brain Health by Balancing Social Life with Downtime' (May 23, 2016)

instamatic on 'Faithfulness--The Key to Living in the Zone' (May 22, 2016)

R Wordsworth Holt on 'These Are the Most Serious Catastrophic Threats Faced by Humanity' (May 22, 2016)

Subscribe to IEET News Lists

Daily News Feed

Longevity Dividend List

Catastrophic Risks List

Biopolitics of Popular Culture List

Technoprogressive List

Trans-Spirit List


Enframing the Flesh: Heidegger, Transhumanism, and the Body as “Standing Reserve”

Moral Enhancement and Political Realism

Intelligent Technologies and Lost Life

Hottest Articles of the Last Month

Ethicists Generally Agree: The Pro-Life Arguments Are Worthless
May 17, 2016
(4286) Hits
(10) Comments

Artificial Intelligence in the UK: Risks and Rewards
May 12, 2016
(3321) Hits
(0) Comments

Nicotine Gum for Depression and Anxiety
May 5, 2016
(3027) Hits
(0) Comments

3D Virtual Reality Is the Best Storytelling Technology We’ve Ever Had
May 5, 2016
(2843) Hits
(1) Comments

IEET > Security > Cyber > Contributors > Steve Burgess

Print Email permalink (0) Comments (8524) Hits •  subscribe Share on facebook Stumble This submit to reddit submit to digg

Regional Cyberwar: North Korea vs South Korea

Steve Burgess
By Steve Burgess
CyberWar Blog

Posted: Jan 26, 2012

To many modern readers, the issue between the Koreas is distant and a bit unreal. We see the now-deceased comical madman leader and his hapless current heir. This author’s father, on the other hand, lost a favorite younger brother to a Korean landmine in the 1950’s, making the ongoing conflict tangible. While conventional weapons are in use between these two halves of a nation, still technically at war with itself, the cyber background is still full of landmines as is the very real DMZ on the 38th parallel.

North Korea is thought to have targeted cyberattacks against the United States and South Korea since at least 2009, including successful attacks against Korean sites and the public websites of the Federal Trade Commission, Department of the Treasury and (somewhat ineffectively) against the White House.

While the US military has created a beefy military cyberforce in United States Cyber Command (USCYBERCOM), to answer such aggression, South Korea appears to be starting its cyberdefense less assertively. Korea University has teamed up with the South Korean military to create a cyber-defense course of study in its Center for Information Security Technologies (CIST) intending to graduate 30 students per year after a 4-year curriculum. Seems like a timid response to threats from the North. While it’s anyone’s guess what changes North Korea’s new leader, Kim Jong Un, will make in the makeup of military efforts for that country, conventional wisdom suggests that the military will stay largely in control of its own moves. Kim Il Political University, formerly Mirim College, is purported to graduate some 100 trained hackers per year and has hacking units in its Reconnaisance Bureau containing 1,000-3,000 cybertroops ready to be led by the new grads.

The massive DDoS (distributed denial of service) attacks against South Korea in July 2011 were some of North Korea’s opening salvos - crude, but effective in shutting down some 40 websites in the South. 30 million customers of Nonghyup Agricultural Bank lost access to their accounts and much data was purported to have been lost permanently. The attack was considered to be the first attack on a financial institution by a state actor.

But was it crude, really? DDoS tends to be more sledgehammer than surgical incision. Preparation for the attack included establishing a broad-based botnet of compromised computers, through the distribution of Trojan horses or other malware to prepare an army of slaved computers listening for orders. Typically then, these millions of slaved computers receive an order to communicate with the victim server. The millions of requests overwhelm the target server or its incoming bandwidth and it is unable to respond to normal, legitimate requests, and may shut down.

The Korean DDoS attacks may have been crude in nature but McAfee Labs researchers say that there were sophisticated attributes in the operation. The malware infecting the botnetted computers was designed to operate for ten days, and then to crash the infected computer such that a full rebuild was likely to be necessary. Such a rebuild would overwrite the operating system, applications and user data making forensic backtracking difficult. Most modern malware preserves the host for future use in the botnet. The Korean attack’s malware used a variety of differing and difficult encryptions, further foiling analysis. The attack also used a multitier architecture to make the network more resilient to takedown. These characteristics point to the project being a more sophisticated learning exercise than the fact of the attacks being basic DDoS would suggest. There may have be ulterior motives hidden behind the apparent primitive facade - probing the defense, seeing what barriers pop up in response.

Kim Jong Il died December 17, 2011 - about a month before the writing of this article. Cyber attacks attributed to North Korea had been increasingly reported from 2009 until mid-2011. But, now what? A review of news on the subject for the past six months typically shows articles referencing only the mid-2011 attacks and earlier. Why the hiatus?

Perhaps there has been disruption in the program due to the changing of the “Dear Leader” guard. Perhaps projects have been put on hold until the new tyrant settles in. Kim Jong Un has had educational opportunities in the West and therefore much easier access to computers and the Internet than his fellow countrymen. Some believe he would be more likley to use cyberwarfare rather than, or in addition to, conventional saber-rattling and warfare. Or perhaps the new leader is not in charge and policy direction needs to settle out. Perhaps analysis of results from the July attacks is still being carried out in North Korea, with preparation for a new set.

South Korea has one of the world’s most integrated and developed telecommunications networks and as a result may be particularly susceptible to cyberattack. It is no doubt also quite susceptible to EMP. The North’s national communications infrastructure is purportedly not very advanced or high-tech. The Internet is inaccessible to the masses, as are cell phones. North Korea is therefore relatively impervious to the kinds of attacks - such as an “accidental” EMP during a weapons “test” - that could cripple more advanced countries, especially ones as close as the South.

Our spy networks do not operate very well with respect to North Korea, “a virtual black hole for most intelligence agencies.”  The country has a very high level of secrecy and official paranoia. Not much leaks out. Therefore the question arises: is a massive, crippling cyberattack against South Korea’s tech infrastructure imminent. Or is this just buying to the paranoia endemic to the North? It’s anybody’s guess.

Steve Burgess is principal of Burgess Consulting & Forensics, a computer forensics and expert witness firm, and is host of the radio program, "Speaking of Technology: Conversations with Tech Experts and Innovators."
Print Email permalink (0) Comments (8525) Hits •  subscribe Share on facebook Stumble This submit to reddit submit to digg


YOUR COMMENT (IEET's comment policy)

Login or Register to post a comment.

Next entry: The Growing Evidence for Octopus Intelligence

Previous entry: Demonstration for Radical Life Extension in Tel Aviv


RSSIEET Blog | email list | newsletter |
The IEET is a 501(c)3 non-profit, tax-exempt organization registered in the State of Connecticut in the United States.

East Coast Contact: Executive Director, Dr. James J. Hughes,
56 Daleville School Rd., Willington CT 06279 USA 
Email: director @     phone: 860-428-1837

West Coast Contact: Managing Director, Hank Pellissier
425 Moraga Avenue, Piedmont, CA 94611
Email: hank @