[정치][뉴스큐] U.S. Department of Justice indicted three North Korean hackers…how and how big is the hacking?

■ Progress: Anchor Youngsoo Kim, Anchor Ryeowon Kang
■ Cast: Seungju Kim / Professor, Graduate School of Information Security, Korea University

* The text below may differ from the actual broadcast content, so please check the broadcast for more accurate information.

[앵커]

The US Department of Justice said it would prosecute the three North Korean hackers by referring to the real names. Banks and businesses around the world are accused of stealing more than 1.3 billion dollars, about 1.4 trillion won in cash and virtual currency, from our money.

[앵커]

Interest is also being paid to the scale and method of hacking in North Korea. Let’s take a look with Kim Seung-ju, a professor at Korea University Graduate School of Information Security. Professor, are you with me?

[김승수]

Hello?

[앵커]

Hello? Not only the U.S. government, but also banks and cryptocurrency exchanges around the world have no choice but to commit crimes, and there are various techniques now. If you only have a computer, is it possible to hack into North Korea using the Internet?

[김승주]

First of all, you can think that all devices connected to the Internet can be hacked. In general, you think that things like computers and smartphones are mostly hacked. Already in 2013, it was revealed that smart TVs can be hacked.

And in 2015, a car from a very famous car maker was hacked, and 1.4 million cars were recalled as a result. And in 2017, a report was released in the UK that nuclear submarines could also be hacked. Recently, hackers are doing a lot of research on hacking airplanes.

[앵커]

Listening to it, I think it’s quite scary. Right now, the US government or banks don’t have their own hacking defenses, aren’t they?

[김승수]

It has a lot of defenses, but it’s not as easy as you think to be completely hack-resistant. What we usually call e-mail is the act of sending a hacking program as an attachment to an e-mail attachment and sending it to employees inside the company to spread the hacking program inside. This is very classic but very effective. So I’m still trying a lot of hacking through email.

Especially recently, in the case of YTN, you also use internal electronic approval software and broadcast editing software. Then, you hack companies that make electronic approval, broadcasting, and editing software. That’s why we insert hacking programs into broadcast editing software or electronic approval software and send them inside YTN broadcasting station. There are also many techniques for hacking vendors in this way.

[앵커]

And when I saw the indictment, it said that a bank in New York kept the cryptocurrency stolen by hacking there. So, there seems to be a particular reason for preferring cryptocurrencies as targets for crime. What is the reason?

[김승수]

We usually see a lot of things like voice phishing on the news. Usually, catching the voice phishing scammer is usually caught when handing over money. However, this cryptocurrency is transmitted and received over the Internet. And since cryptocurrency is guaranteed to be anonymous, it is very difficult to track funds.

[앵커]

In the case of the U.S. Department of Justice, we’re showing it back, but we’ve made a photo of three hackers, their real names, and tracked them down. In a way, it seems that hackers are not well-known, but does it mean that the United States also has such technology?

[김승주]

In fact, you are asking a lot of those questions today, but to be precise, the US Department of Justice, so the United States, did not reveal all that alone. In fact, information related to North Korean hackers is the most in our country’s intelligence agencies and investigative authorities. So, if there is such a hacking accident in the United States, we come to Korea and ask for cooperation.

So, if you do a cooperative investigation with Korea and look in the US, are all the big global IT companies in the US? For example, Google, Microsoft, or Facebook. I am also asking for help from these IT companies. That’s why we synthesized such information, identified a hacker like that, and even released a picture.

[앵커]

i See. However, according to the reports of North Korean hackers now, there are about 6,000 to 7,000 people active worldwide. We can’t figure out the exact scale. How does the professor know?

[김승수]

According to data from Korean government agencies, the total size of North Korean hackers is about 6800. Among them, 1700 are professional hacker units. And the remaining 5,100 people can be viewed as support personnel to support the hacker squad. But in fact, it is known that the skills of this hacker unit are very good.

If I actually talk like this again, isn’t it because it’s inflated again? Also, many of these things are said, but in fact, students from Kim Il-Sung University in North Korea participated in the very famous world university student programming contest in 2016.

In this competition, Kim Il Sung University students won 28th. But Stanford University finished 44th. Peking University and KAIST ranked 28th, the same as Kim Il Sung University. So, you can see that North Korean students themselves have very good computer skills. However, if you are good at hacking, you can live in North Korea, not in China, or abroad.

Because North Korea has a bad internet environment. So, I think you can see that such things as living abroad are very motivating.

[앵커]

North Korea is also hacking domestic public institutions. There are also stories that pharmaceutical companies attempted hacking to steal corona vaccine treatment information. Do you think you actually hacked it?

[김승주]

According to an official announcement by the National Assembly, Director of the National Intelligence Service Park Ji-won recently, the average number of hacking attempts entering Korea per day is about 1.62 million. This is the daily average.

Most of them are from North Korea, followed by China, Russia, Iran, and Pakistan. Of course, there are many hacks coming from North Korea, so aren’t these hackers from North Korea hacking various things?

However, there are also groups that hack cryptocurrencies and certain banks. There is a group that collects information about the design of any weapon system, and as I mentioned earlier, there are hacking groups that collect information related to vaccines.

[앵커]

Okay. I heard more details from the three North Korean hackers, the content that the US Department of Justice decided to prosecute, and Kim Seung-ju, a professor at the Graduate School of Information Security at Korea University. I listened to you today. thank you.

[김승수]

Thank you.

.Source