Report: North Korea Accused Of DDoS Attack On South Korean Airport

North Korean agents have been linked to a malware attack on a South Korea’s Incheon International Airport, according to a report from the JoongAng Daily, a South Korean paper.

North Korean agents have been linked to a malware attack on a South Korea’s Incheon International Airport, according to a report from the JoongAng Daily, a South Korean paper.

The paper, citing the Seoul Metropolitan Police Agency, said that a 39 year-old South Korean man was arrested for involvement in the plot and charged under South Korea’s National Security Law for contributing to multiple distributed denial of service (DDoS) attack against the airport in March, 2011.

According to the police the man, who has the last name “Jo,” worked as a computer game distributor in South Korea. He allegedly met with agents of North Korea’s Reconnaissance General Bureau in China in 2009 to purchase a large quantity of computer games at a steep discount. Those games, which Jo knew had been infected with some bot malware, were brought back to South Korea and sold to the public. Machines infected by the bot software that was bundled with the game were later used to launch the denial of service attack, the JoongAng Daily reported.

JoongAng Daily quotes unnamed police officers saying that they are investigating whether the North planted a Stuxnet-like computer virus on air traffic control system comptuers at Incheon Airport.

South Korea has been a frequent target of aggressive cyber attacks from the North, which created the Reconnaissance General Bureau in February, 2009, to head its military’s cyber operations. Attacks in July, 2009, crippled the Web sites of several major South Korean government agencies. In July, 2011, another series of denial of service attacks took U.S. military and South Korean government Web sites offline

North Korea experts have noted an increasing interest in- and reliance on cyber operations as a way to make the country’s presence felt. In April, 2012, North Korean government radio threatened a wave of “special actions” by “revolutionary armed forces” against the South that some have suggested may presage more cyber attacks from the North.

Suggested articles

Discussion

  • f0real on

    North Korea must launch these attacks from computers in China because I am pretty sure there are probably less than 100 IP addresses in North Korea.

     

  • chaitee on

    Actually, the entire North Korean internet is a subnet running on the chinese backbone. All internet and mobile communication in NK are china based.

  • Anonymous on

    Actually they have been jamming the plane GPS signals for quite some time now. You can google it and find that on the internet quite easily. That's concerning as well.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.