Sex, spyware and North and South Korea

It’s time to add North Korea to this year’s roll call of countries accused of engaging in cyber warfare – using malicious software to spy on and steal secrets from their national enemies.

Already in 2008, readers of the Sophos website will know that we have seen claims that Germany’s foreign intelligence service used malware to spy on an Afghan ministry, Belgium accusing China of cyber-espionage, and Indian officials claimed Chinese hackers had targeted the Ministry of External Affairs. and the National Informatics Centre.

Newspapers in Seoul are claiming today that officers in South Korea’s military command and control centre have been the target of a spyware attack. The alleged culprits? North Korea’s electronic warfare division and a sexy female seductress.

Speculation has risen that the officers targeted by the spyware attack (which took the form of a malicious email attachment designed to steal documents from infected computers) were on a list of military contacts given to North Korea by Won Jeong Hwa.

35-year-old Miss Won, who defected from the North in 2005, is facing trial in South Korea and could be executed if found guilty of treason. Under the cover of touring South Korean military bases to lecture on the evils of Kim II Sung’s communist regime, she is said to have seduced army officers in exchange for military secrets.

Some of the military officers struck by the spyware attack are alleged to have been amongst the names and email addresses passed by Won Jeong Hwa to officials from North Korea.

It is not known if any military secrets were stolen as a result of the spyware incident, but it is clearly an embarrassing breach of security for the South Korean military.

Is it likely that North Korea is using the internet to spy on other countries? Of course. But it is also likely that South Korea is doing the same right back.

Espionage has been a fact of life for thousands of years. It would be naive to believe that nations would consider the internet and spyware “off-limits” as a tool for spying. Countries are spying on each other all across the world for political, commercial and military advantage – and they would be crazy not to try and exploit the power of the internet to increase their chances of success.

It shouldn’t be any surprise to us that in this case it appears the very latest technology is being used, in co-ordination with the tried-and-trusted ages old technique of deploying a pretty woman, to weadle out information.

As the people responsible for protecting IT systems from attack we may have little respect for hackers and malware authors – but we have to increasingly recognise that the hands of our own governments may be less than lily-white themselves.

* Image source: gin_e’s Flickr photostream (Creative Commons 2.0)