Yi Whan-woo is a Korea Times journalist primarily covering finance. He writes in-depth articles on macroeconomy and financial markets and previously covered sports, politics, diplomacy and inter-Korean affairs, among others. Feel free to contact him at yistory@koreatimes.co.kr.
NK denies allegations on Seoul subway hacking
By Yi Whan-woo
North Korea on Thursday denied allegations that it hacked into a Seoul subway operator last year, saying the accusation is “childish slander” from South Korea.
“Whenever those incidents occur, the plotters in the South frame us without any evidence,” said Pyongyang’s propaganda website, Uriminzokkiri. “They have a vicious habit of exploiting us when they’re being cornered in domestic politics. And they better remember their scheme could deal a blow to themselves if they continue to make such groundless claims.”
Uriminzokkiri said Seoul often made accusations against Pyongyang when cyber attacks happened here.
“It wasn’t just a couple of times Seoul was embarrassed by making false claims that we were responsible for cyber terror,” the website said.
North Korea’s denial came after Seoul Metro, the operator of the city’s four major subway lines ― 1,2,3 and 4 ― said on Monday that Pyongyang was suspected of hacking into its personal computer (PCs) and servers around March 2014.
Over 4,200 PCs were damaged at the time, including 58 that were infected with malicious code and 213 others that were not accessible to the Internet. The two servers for the management of PCs and websites also went down. The PCs and the servers are now fully restored, according to Seoul Metro.
The subway operator said it had asked the National Intelligence Service (NIS) to look into the case after discovering in July last year that 12 electronic documents were stolen from three PCs.
Citing the NIS’s conclusion on its investigation, Seoul Metro said Pyongyang’s Reconnaissance General Bureau (RGB), which is in charge of the military regime’s secret operations, was behind this instance of cyber terror.
Seoul Metro said the hackers had used an advanced persistent threat (APT), a set of stealthy and continuous computer hacking processes, to break into the system.
The NIS claimed the RGB allegedly employed the APT in March 2013 when South Korea’s major broadcasters ― KBS and MBC ― and commercial banks suffered a series of cyber attacks.
The NIS, however, said it is not fully accounted for when the hacking exactly took place and who carried out the cyber attack against the subway operator.
The latest hacking comes amid growing concerns over Seoul’s capability to prevent cyber terror from both state-sponsored and private hackers.
Seoul Metro, a public company under the Seoul Metropolitan Government, said the number of cyber terror cases against the system hit 370,713 in 2014, up from 184,578 in 2013. It said the figure stood at 350,188 between January and September this year.
It said it has enhanced its online security system, including installing a counter-APT system.