According to a high-profile North Korean defector who once worked as a university professor said the North Korean army currently employs over 6,000 hackers and has the ability to destroy U.S. cities.
Kim Heung-Kwang, has been a science professor at the university in North Korea for the last 20 years, but fled the country in later 2004.
While speaking with BBC, Kim estimated that some 20% of North Korea’s military spending goes towards Bureau 121, North Korea’s elite hacking army unit. The bureau, is widely believed to operate out of China, and has been credited for numerous high-profile attacks.
“The reason North Korea has been harassing other countries is to demonstrate that North Korea has cyber war capacity,” Kim said speaking with BBC on Bureau 121 and North Korea’s regime. “Their cyber-attacks could have similar impacts as military attacks, killing people and destroying cities.”
The professor also claimed that North Korea is working on developing their own malware based on Stuxnet, an advanced computer virus that not only infected targets, but aimed to wreak physical havoc on systems the computer controlled. The Stuxnet virus was the first of its kind, even being labeled “the world’s first digital weapon.”
Kim believes the country is working on a piece of malware with a Stuxnet-origin aimed at targeting nuclear plants, citing many previous attacks where the army has specifically targeted South Korean infrastructure, including power plants in banks.
“[A Stuxnet-style attack] designed to destroy a city has been prepared by North Korea and is a feasible threat,” Professor Kim said.
To give Kim some validity, he told BBC reporters that he has regular contact with key individuals within North Korea that have access to secret military cyber operations.
Just earlier this year, the South Korean government blamed North Korea for hacking into the country’s Hydro and Nuclear Power Plant.
“Although the nuclear plant was not compromised by the attack, if the computer system controlling the nuclear reactor was compromised, the consequences could be unimaginably severe and cause extensive casualties,” Kim added.
A Closer Look Inside Bureau 121
When it comes to cyberattacks, few groups rack up against North Korea’s Bureau 121, which has successfully operated since the late nineties.
A majority of security researchers have concluded that the bureau operates out of China, and more specifically, inside the basement of a popular Korean restaurant who is highly rated among foodies.
“We need to collect the evidence of North Korea’s cyber terrorism and report them to UN Human Rights Council and other UN agencies,” Kim said speaking on counterattacks to thwart the country’s hacker army. “If North Korea continues to cause damage in this way, an organisation such as Icann should ban North Korea.”
ICANN is the Internet Corporation for Assigned Names and Numbers, a government run institution that serves the Internets domain names including .com, .org and .net.
Theoretically, ICANN could shut down North Korea’s main domain extension, .kp. However, after speaking with BBC, ICANN officials said their powers are limited regarding this.
“Icann does not have the power, nor remit, to ban countries from having a presence on or access to the Internet,” said Duncan Burns, ICANN’s head of communications. “Icann’s primary role is the coordination of the internet’s unique identifiers to ensure the stability, security and resiliency of the internet. We rely on law enforcement and governmental regulatory agencies to police reported illegal activity.”
Many believe shutting down North Korea’s .kp would have little to no effect, as many security researchers believe the hacking army’s extent spans far outside the country’s borders.
Speaking on North Korea’s growing cyber army, Kim said the issue cannot be solved by one or two countries. “The international community needs to pay attention to North Korea’s attempts to destroy the internet,” he concluded.
North Korea’s extensive hacker army news comes just as the U.S. was caught trying to implant Stuxnet-style malware in North Korea but failed. Covert operations aimed to attack North Korea’s nuclear weapons programs with a virus developed some five years ago, a new US intelligence source revealed.
However, the Stuxnet-type virus blew up in the National Security Agency’s (NSA) face, failing to penetrate any of North Korea’s systems. The U.S. attack failed on the country due to their limited internet, basically saying, the U.S. could not hack North Korea due to their lack of internet.
“North Korea has some of the most isolated communications networks in the world. Just owning a computer requires police permission, and the open Internet is unknown except to a tiny elite. The country has one main conduit for Internet connections to the outside world, through China,” Reuters reported.
North Korea’s cyber army has been successfully running since the 90’s and will presumably continue too unless harsh actions are taken against them and their cyber defense.