By Jun Ji-hye
The prosecution said Wednesday that it is investigating an information technology firm over allegations that it helped North Korean hackers attack South Korean computer networks.
According to the Seoul Supreme Prosecutors’ Office, its officials and agents of the National Intelligence Service (NIS) Tuesday raided the firm’s office as well as the house of its president, surnamed Kim.
50-year-old Kim is suspected to have violated the National Security Law by helping North Korean hackers residing in China spread a malicious code to the South. The law bans any activities that benefit or praise the communist North.
Two other firms that lent servers to Kim were included as subjects of the raids.
The prosecution said that Kim is under suspicion of helping the hackers set up “zombie PCs” called “Botnet” in the South.
Zombie PCs refer to computers infected with malicious software and programmed to conduct the attack so that it can be served as the main tool for the hackers. Those are usually used for large-scale cyber attack, including the distributed denial-of-service (DDoS) attack.
Kim is said to have hired servers from some domestic enterprises about two years ago and handed in IDs and passwords to hackers so that they can access these servers. Kim also allowed them to use Internet software of his company.
Thanks to this, hackers successfully penetrated computer networks in the South and circulated malicious code that created zombie PCs, the prosecution said.
The law enforcement agencies anticipated that the number of domestic computers that the hackers already infected with malicious programs through Kim’s assistance would amount to about 110,000.
As soon as they complete analyzing seized articles, the NIS plans to summon and further investigate Kim.
Kim, who had lived in China until the end of the 1990s, took a lead to establish the joint IT venture between the South and North at the beginning of the 2000s. From then, he continued to conduct activities regarding inter-Korean economic cooperation in the IT sectors.
According to the prosecution, the likelihood is that Kim could have opportunities to contact North Korean spies during these endeavors.
Cyber attacks, suspected to be conducted by the communist regime, were hacking bank networks and television networks on March 20 and two DDoS attacks in 2009 and 2011.
Major government institutes including Cheong Wa Dae, the National Assembly, foreign ministry and defense ministry were hacked in 2009.