North Korea's hacking abilities 'beyond imagination,' defector says

A former North Korea cyber expert says hacking South Korea "a piece of cake."

ByABC News
October 11, 2017, 5:57 PM

— SEOUL -- North Korea's hacking capabilities are "beyond imagination," one former computer expert for the North told ABC News in the wake of Tuesday's report that the nation had stolen secret intelligence documents, including the U.S.-South Korean war strategy.

Secret intelligence documents and photos unilaterally collected by the U.S. military were among the stolen cache of South Korea’s classified documents by North Korean hackers, but the totality of what was stolen remains unknown, according to South Korea’s ruling Democratic Party lawmaker Lee Cheol-hee.

Malware contamination of the intranet server of the cyber command that occurred in September last year was confirmed by the South Korea’s Defense Ministry in May but this is the first glimpse of the scope of the damage.

The stolen trove totals about 235 gigabytes of data, equivalent to 15 million pages of documents. About 80 percent of the stolen materials have yet to be identified. But among them, Lee said, were U.S.-South Korean plans for a decapitation strike against North Korea to remove Kim Jong Un, as well as classified reconnaissance information collected by the U.S. military shared with the South Koreans.

"The way it got hacked was preposterous," Lee told ABC News. "It wasn't because North Koreans had advanced hacking skills, but was due to negligence on the South Korean part."

PHOTO: North Korean leader Kim Jong Un delivers a statement in response to President Donald Trump's speech to the United Nations, in Pyongyang, North Korea, Sept. 21, 2017.
North Korean leader Kim Jong Un delivers a statement in response to President Donald Trump's speech to the United Nations, in Pyongyang, North Korea, Sept. 21, 2017.

Although there are strict security restrictions in using computers within the military, Lee says huge "holes" have been exposed at times when the intranet and the extranet were connected. North Korean hackers were able to steal data through malicious virus codes that they had implanted inside a software vaccine company that provide exclusive services as a subcontractor to the South Korean military, according to Lee.

The North has previously been accused of hacking into other South Korean government agencies, banks and media outlets as well, but Pyongyang has denied allegations of cyber crime involvement.

"I alerted this to push the new administration and the Defense Ministry to quickly find remedies so that this kind of loss doesn’t happen again," Lee said.

South Korea’s Defense Ministry would not comment to ABC News, citing national security concerns. The Pentagon says it’s closely working with international partners to identify, track and counter cyber threats.

"Although I will not comment on intelligence matters or specific incidents related to cyber-intrusion, I can assure you that we are confident in the security of our operations plans and our ability to deal with any threat from North Korea," said Col. Rob Manning, a Pentagon spokesman.

But many cybersecurity experts believe the North’s advancement in hacking skills has already gone past the level of concern to a "highly damageable" stage.

"It is beyond imagination what they have already done inside South Korea," said Jang Se-Yul, a former North Korean computer expert who defected to the South in 2004. "The North has prepared for a massive cyber attack since the early '90s. They are more than ready to destroy the South’s infrastructure anytime Kim Jong Un gives a green light."

Jang, who runs an NGO helping defectors, claims he has been in touch with his former North Korean colleagues working out of Shenyang, the capital of Liaoning Province in northern China, as recently as last year. He says they were part of the cyber attack units dispatched from Pyongyang to operate out of China, disguised as freelance programmers, but with the aim to hack national security-related information from Seoul and Washington.

    "My old college friends who are now heading cyber teams there laugh at the South’s cyber security. They say hacking into South Korean institutions is like a piece of cake," Jang said. "They sounded confident, and they are ready. For them, attacking South Korea with missiles and nuclear weapons are just waste of resources. All they need to bring down South Korea to complete chaos is to activate these malware viruses they have already prepared."

    Jang is a graduate of Mirim Military University in Pyongyang, now known as Kim Il Military University. He majored in "wargame programming," where he learned to develop simulation software for the military.

    Other majors included "enemy-system penetration programming" -- in other words, hacking education.

    Only the "brightest of the best" are handpicked in each province to major in computer science from as early as 13 years old, according to Jang.

    A total of 8,700 North Korean hackers are estimated to be active, according to recent research by the South’s Korea Institute for National Unification.

    ABC News’ Jae-Sang Lee and Yejin Jang contributed to this report.

    Related Topics