North Korean agents have been linked to a malware attack on a South Korea’s Incheon International Airport, according to a report from the JoongAng Daily, a South Korean paper.
The paper, citing the Seoul Metropolitan Police Agency, said that a 39 year-old South Korean man was arrested for involvement in the plot and charged under South Korea’s National Security Law for contributing to multiple distributed denial of service (DDoS) attack against the airport in March, 2011.
According to the police the man, who has the last name “Jo,” worked as a computer game distributor in South Korea. He allegedly met with agents of North Korea’s Reconnaissance General Bureau in China in 2009 to purchase a large quantity of computer games at a steep discount. Those games, which Jo knew had been infected with some bot malware, were brought back to South Korea and sold to the public. Machines infected by the bot software that was bundled with the game were later used to launch the denial of service attack, the JoongAng Daily reported.
JoongAng Daily quotes unnamed police officers saying that they are investigating whether the North planted a Stuxnet-like computer virus on air traffic control system comptuers at Incheon Airport.
South Korea has been a frequent target of aggressive cyber attacks from the North, which created the Reconnaissance General Bureau in February, 2009, to head its military’s cyber operations. Attacks in July, 2009, crippled the Web sites of several major South Korean government agencies. In July, 2011, another series of denial of service attacks took U.S. military and South Korean government Web sites offline.
North Korea experts have noted an increasing interest in- and reliance on cyber operations as a way to make the country’s presence felt. In April, 2012, North Korean government radio threatened a wave of “special actions” by “revolutionary armed forces” against the South that some have suggested may presage more cyber attacks from the North.