On March 4th, 2011, major government agencies and major private enterprises of South Korea were hit by DDoS (Distributed Denial of Service). Source, working as a high-ranking official in N. Korea, reported on March 7th, 2011, "Behind these attacks are North Korean professional hacker groups, thirteen in all, dispatched to various regions of China."
According to the source, there were, in total, 52 to 65 North Korean hackers participated in the March 4th DDoS attack. The plan was planned meticulously which included frequently visiting outside countries. They were stationed in groups of fours or fives: three groups in Beijing, two groups in Tianjin, two groups in Shenyang, tthree groups in Dalian, two groups in Yanji, and one group in Dandong.
The members of these thirteen North Korean hacker groups were in their 20’s and most had Masters and Doctorate degrees. They were chosen because of they were talented, and were trained since they were young to become hackers. The source said, "The director of the hacker group is from the Party (identified only by his family name Kim), who majored in Computer Science from an elite university in North Korea. He is in charge of selecting and managing the hackers and he selects leaders of these small groups strictly on merit, regardless of age or family background."
It is said that the director has proven professional expertise in Information Security System, Code interpretation, and Data Conversion. Hackers under his leadership are also extremely skilled professionals, well-versed with various programming languages such as C/C++/VB.
The source explained that in early 2000, North Korea had begun to engage in joint IT projects (developing softwares and more) with South Korea, China, and Japan. Highly talented IT professionals were sent out abroad accordingly. North Korea had 30 hackers, in groups of four to five, as participants in the joint IT projects to infiltrate China. These hackers were stationed in various parts of China and they recruited 300 thousand zombie computers.
These hackers, participants in joint studies with China, were in fact, preparing cyber attacks in secret bases in their private residences. The North Korean spies rented houses throughout China under a third party name. Hackers operated out of these houses to recruit 300,000 zombie computers, 200,000 of which were used on previous DDoS attack on July 7th, 2009. On March 4, 2011, attack, they used all zombie computers including the 100,000 zombie computers that were not used in the previous attack.
"Through the night, hackers put up on the target client, the programs infected with malicious codes to command attacks to zombie computers. They finished it by dawn and left the place. They were skilled enough to confirm how deep the virus penetrated and even control its penetration," the source added. These N. Korean hackers are now boasting about how freely they can infiltrate a well-known South Korean security firm's website.
Translation by Hoyeon Choi Supervised by Stella Cho
Seoul Station Theoville, 62-7 Mallidong1-ga, Jung-gu, Seoul, 100-371, Korea
Body Corporate North Korea Strategy Information Service(NKSIS)
Publisher: Yun-keol, Lee Editor: Jun-woon, Lee
Tel: 02-585-9149, Fax: 02-586-9149, E-mail: firstname.lastname@example.org
Copyright ⓒ 2011 North Korea Strategy Information Service(NKSIS). nksis.com. All rights reserved
Reproduction, copying, or redistribution of the materials on NKSIS are strictly prohibited. Any unauthorized use constitutes a willful copyright infringement subject to punishment.