The ongoing Russia-Ukraine conflict has fueled a wave of “hacktivist” cyber attacks, with politically motivated hackers increasingly targeting nations involved in the crisis. North Korea’s involvement has added new layers of risk, particularly for South Korea, which now faces a significant increase in cyber threats.
According to cyber security experts, Russian and North Korean hacktivists have intensified their attacks on South Korean systems. Pro-Russian hackers recently launched distributed denial-of-service (DDoS) attacks on Government24, a civil service platform, and websites of the Defense Ministry, Environment Ministry, and courts. These attacks overwhelmed servers, causing system failures. Government24 experienced issues on November 4, while the Defense and Environment ministries were hit on November 6, and several court websites, including the Seoul Central District Court, on November 7.
The South Korean government attributes these cyber attacks to hacktivist groups. The National Security Office stated, “While pro-Russian hacktivist attacks have occurred sporadically, they’ve intensified since North Korea’s troop deployment to Russia and involvement in Ukraine. These attacks primarily target civilian systems and government websites with DDoS tactics.”
North Korea has also escalated its interference by disrupting GPS signals. From the 1st to the 10th of this month, the Ministry of Science and ICT reported 331 GPS reception issues, affecting 279 aircraft and 52 ships. GPS jamming, which involves broadcasting interfering signals stronger than GPS transmissions, can disrupt location services for land, sea, and air traffic.
The Ministry added that they are continuing to detect jamming signals from North Korea’s Kaepung and Haeju regions, closely monitoring the situation and maintaining readiness in cooperation with relevant agencies, including the Ministries of Land, Infrastructure and Transport, and Oceans and Fisheries.
Meanwhile, global hacktivists have now turned ransomware into a profit stream. SK Shieldus’s white-hat hacker group, E-Cust, reports that the CyberVolk group offers Telegram ransomware and data theft tools. Their CyberVolk Stealer V1 is available as a source code for $1,000. This pro-Palestinian group continues to target Israel with cyber attacks.
A cybersecurity expert commented, “We prepare through simulated attacks and response drills, but there’s no foolproof defense.” Another insider noted, “North Korean hackers are often motivated by financial gain, which limits our countermeasures.” Former NSA Director Paul Nakasone estimated that North Korea generates about 25% of its GDP from ransomware attacks.
The Korea Internet & Security Agency (KISA) has warned that cyber threats are growing due to the Russia-Ukraine conflict, North Korean activity, and international DDoS attacks. KISA advises organizations to ramp up cybersecurity by monitoring critical systems, maintaining offline backups of vital data, exercising caution with suspicious attachments or links, and regularly applying security updates.
Most Commented