|
 A North Korean diplomat has denied Pyongyang was behind the attack
that was launched last month but a U.S. national security source
said it was a suspect.
Defectors from the North have said Bureau 121, staffed by some of
the most talented computer experts in the insular state, is part of
the General Bureau of Reconnaissance, an elite spy agency run by the
military. They have said it is involved in state-sponsored hacking,
used by the Pyongyang government to spy on or sabotage its enemies.
Pyongyang has active cyber-warfare capabilities, military and
software security experts have said. Much of it is targeted at the
South, technically still in a state of war with North Korea. But
Pyongyang has made no secret of its hatred of the United States,
which was on the South's side in the 1950-53 Korean War.
Military hackers are among the most talented, and rewarded, people
in North Korea, handpicked and trained from as young as 17, said
Jang Se-yul, who studied with them at North Korea's military college
for computer science, or the University of Automation, before
defecting to the South six years ago.
Speaking to Reuters in Seoul, he said the Bureau 121 unit comprises
about 1,800 cyber-warriors, and is considered the elite of the
military.
"For them, the strongest weapon is cyber. In North Korea, it’s
called the Secret War," Jang said.
One of his friends works in an overseas team of the unit, and is
ostensibly an employee of a North Korean trading firm, Jang said.
Back home, the friend and his family have been given a large
state-allocated apartment in an upscale part of Pyongyang, Jang
said.
"No one knows ... his company runs business as usual. That’s why
what he does is scarier," Jang said. "My friend, who belongs to a
rural area, could bring all of his family to Pyongyang. Incentives
for North Korea’s cyber experts are very strong ... they are rich
people in Pyongyang."
He said the hackers in Bureau 121 were among the 100 students who
graduate from the University of Automation each year after five
years of study. Over 2,500 apply for places at the university, which
has a campus in Pyongyang, behind barbed wire.
"They are handpicked," said Kim Heung-kwang, a former computer
science professor in North Korea who defected to the South in 2004,
referring to the state hackers. "It is a great honor for them. It is
a white-collar job there and people have fantasies about it."
SIMILAR TOOLS
The technology news site Re/code reported on Wednesday that Sony
intends to name North Korea as the source of the attack. But when
asked about the Re/code report, a Sony spokeswoman said no
announcement from the studio was coming. The company declined
comment on Thursday.
[to top of second column] |
Sony Pictures, a unit of Japan's Sony Corp, is the distributor of
"The Interview," a forthcoming comedy featuring a plot to
assassinate North Korean leader Kim Jong Un. North Korea has
described the film as an "act of war".
Last year, more than 30,000 PCs at South Korean banks and
broadcasting companies were hit by a similar attack that
cybersecurity researchers widely believe was launched from North
Korea.
Months later, the South Korean government's online presence was
targeted, with the president's website defaced with a banner reading
"Long live General Kim Jong Un, president of reunification!"
Neither attack was particularly sophisticated, but South Korean
authorities said North Korea was to blame, even though 'hacktivist'
groups - online activists who hack high-profile targets in order to
spread political messages - first appeared to claim responsibility.
Those attacks used rudimentary but effective malware which security
researchers later dubbed DarkSeoul.
Also known as the DarkSeoul Gang, the hackers have been involved in
a five-year spree against South Korean targets, according to a
report last year by computer security firm Symantec, which estimated
the group included 10 to 50 hackers and described it as "unique" in
its ability to carry out high-profile and damaging attacks over
several years.
Some security experts have cast doubt on North Korean involvement in
the attack on Sony, citing the publicity-seeking hacktivist style of
the attacks. However, the use of an unknown name by the group behind
the Sony attacks, "Guardians of Peace", is similar to previous
attacks by the DarkSeoul gang.
It remains unclear if the DarkSeoul gang are outsiders working on
behalf of North Korea, or some of Pyongyang's troops in the isolated
country's own 'cyber army'.
(Additional reporting by Jim Finkle and Ron Grover; Editing by Tony
Munroe and Raju Gopalakrishnan)
[© 2014 Thomson Reuters. All rights
reserved.] Copyright 2014 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed. |
