Threat Management, Network Security, Network Security

South Korean authorities worry about DDoS attacks ahead of elections

South Korean authorities are reportedly worried about ramped up attacks from the country's hostile northern neighbour. A recently released report predicted DDoS attacks, leveraging IoT botnets, would be used to attack government ministries.

Authored by the state-run Korea Internet & Security Agency (KISA), the report warns of DDoS attacks just before the country's upcoming elections.

The attacks, which leverage widely insecure IoT devices, could be launched against government ministry, national infrastructure or social bodies to destabilise South Korea.

Jeon Kil-soo, from KISA told South Korean news agency, Yonhap, that "there is the possibility that huge DDoS attacks could occur by using IoT devices from both home and abroad".  Kil-soo added that such attacks could be deployed against presidential candidates.

Current president Park Geun-hye is currently faced with an impeachment motion, which, if adopted by Korea's Constitutional Court, will trigger another election. The decision is expected to be made in the next two months. According to KISA's report, such an occasion would be ripe for exploitation by, some expect, North Korea.

South Korea are not the only country bracing themselves for cyber-interference in upcoming elections. Against a backdrop of accusation of Russian interference in the American election, top government officials from Germany, France and other countries have expressed fears about such threats.

North Korea's cyber-offensive activities have long been suspected. The North Korean government was reported to be behind the attacks on Sony Pictures on the eve of the 2014 release of The Interview, a comedy which satirised the country's leader Kim Jong Un. In November 2014, Sony Pictures Entertainment was breached by a group calling itself the “Guardians of Peace”. The hackers released a slew of emails, personal information and other data from inside the company, prompting sanctions against the country.

North Korean agents are also suspected to be behind the heist on the Bangladesh Central Bank. In early 2016, hackers stole US$81 million (£65 million) by impersonating legitimate money orders. The money was then laundered through Sri Lanka and the Philippines into the coffers of, some suspect, the North Korean government.

This kind of activity takes on a new light when applied to South Korea. South and North Korea have technically been at war since the middle of the twentieth century. Split in two against the backdrop of the Cold War, the countries fought a war between 1950 and 1953. The war never technically ended and the countries remain separate with a Chinese backed opaque dictatorship under the Kim Jong family in the north and a liberal democratic regime in the south. The two countries exist in a state of formal hostility, and while not effectively at war are believed to regularly meddle in each other's societies, the cyber-realm included.

James Hoare, an associate fellow at Chatham House and the man formerly charged with setting up a British embassy in North Korea, “the report is all very speculative, with nothing much in the way of hard facts.”

There are many such claims about North Korean cyber-attacks, “including claims of interference with aircraft landing at Inchon airport – though having watched the behaviour of people on flights into and from Inchon, I would not be surprised if some of the alleged attacks were in reality people on their mobile devices while the planes are taking off and landing.”

These kinds of claims are common but “tend to be somewhat unspecific, but on at least one recent occasion, the North Korean released information that indicated that they had been approached to stage some sort of diversion at the time of an election.”

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.