Security Experts Tend to Believe More of Foreign Analysis than Government Announcement on Potential Hacking from North Korea


Although number of potential hackings from North Korea is increasing, it appears as even experts in information protection do not trust related information.

Although they are vigilant in North Korea’s capabilities in cyber warfare, they are very suspicious of governmental abuse.

In month of November, Etnews investigated ‘Awareness on Potential Hacking from North Korea’ with information protection community called Security Daecheop (President Koo Tae Uhn). 

In 20th of March in 2013, huge cyber attacks occurred in financial industries and broadcasting companies where their computer network was paralyzed. In 25th of June of same year, cyber attacks occurred in Blue House and certain media. 

In last year, a hacking group stole nuclear plan and others from Korea Hydro & Nuclear Power Co. Ltd. and put them out on internet and put a lot of anxiety in South Koreans’ minds that nuclear plants might be destroyed physically. 

Every time an attack happened, South Korean Government ran joint investigation department to investigate and concluded that an attack was North Korea’s act because harmful codes, command & control (CNC) servers, IPs that were used in attacks were identical to the ones that North Korea used in the past.

After investigating cyber terror on the 20th of March in 2013, Civilian-Government-Military response team made an announcement that its method was identical to the one used by North Korea in the past.

In this year, hacking attempts that targeted Seoul Subway, National Assembly and others were concluded as act of North Korea. Although number of hacking attacks in South Korea was analyzed as act of North Korea, many of workers in cyber security field did not trust such information.

41.3% of respondents answered that they did not trust government statement on cyber attack on the 20th of March or attack on Korea Hydro & Nuclear Power Co. Ltd., and only 32.9% of respondents showed trust. One third of experts in cyber security also did not trust statement from South Korean Government.

38.3% of respondents said that a reason why they did not trust government statement was because they thought it was an example where South Korean Government was using political wind from North Korea politically. 

Respondents believed that South Korean Government was using political wind from North Korea to maintain its political power. 34.3% of respondents replied that there were not any decisive evidences that attacks were from North Korea, and 15.4% replied that it is difficult to trace attackers on an internet. Responses of not trusting South Korea’s analytical skills on cyber attacks also took 3.4%.

Although there were many respondents who did not trust government statement, 84.1% of them replied that North Korea’s cyber attacks on South Korea are at work. 23.4% and 46.8% of respondents believed that North Korea’s capabilities in cyber warfare are very high and high respectively. 

There was high wariness on danger of North Korea’s cyber warfare, and 93.6% of respondents replied that possibility of hacking attacks are generally high.

Recently there were many instances when global security businesses such as Symantec, Fireye, Paloalto Networks, Kaspersky Lab and others made statements on North Korea as main agent of cyber attacks. Respondents trusted analysis of these businesses more than government statement.

49% of all respondents trusted information on foreign businesses’ analysis. 53.6% of responses on why they trusted foreign security businesses’ analysis is that it is an objective response that was not pressured by South Korean Government. Inclusion of evidences that have credibility on data (24.3%) and techniques and analytical skills that are better than South Korean businesses (16.6%) also had effects.

4 of 10 respondents did not even believe media report that concluded that main agent of cyber attacks is North Korea, and only 25.8% of respondents trusted media report. After investigation, 34.9% of respondents responded that they did not trust media related to South Korean security since there are many instances when main agent of cyber attacks is fixed as North Korea. 

19.8% of respondents thought that media report lured readers with suggestive phrases, and 17.7% of respondents thought that media report was monotonous. 9.4% and 7.3% of respondents did not trust media report due to difficult information to comprehend and error in technical analysis respectively.

This investigation took place in November targeting 200 people.

Staff Reporter Kim, Insoon | [email protected]

About Author

Comments are closed.