Does North Korea Have Its Own Stuxnet?
On Wednesday, reports of the shutdown of the computer systems, including ATMs, of some major South Korean banks inspired stories of hacking by the North Korean regime. Several banks and other businesses shut down for several hours in South Korea, causing serious disruption of business and civilian life.
News sources around the world speculated that these shutdowns were the handiwork of North Korea, which has announced its displeasure at the recent military maneuvers practiced by South Korea in cooperation with the US.
Some commentators, such as one from Fox News, speculated that perhaps North Korea had planted stealth disruptive programs in South Korean computer systems, and were triggering these pre-planted programs as a warning to South Korea. In essence, the speculation is that North Korea has perfected its own version of Stuxnet, the mysterious computer program which the US and Israel are said to have secreted into the computer systems of Iran. If this speculation about the capabilities of North Korea prove to be true, this would represent an enormous threat of cyber-terror to South Korea, and perhaps other parts of the world, including the US.
An important Japanese news source (NikkeiBP) has a much more mundane explanation for the South Korean bank shutdown. It seems that many South Korean institutions, including the banks highlighted in yesterday's news, use bootleg computer programs to run their operations, instead of authorized (and much more expensive) programs. Perhaps what happened yesterday was that someone flipped a switch on an operating system like Windows7, a Microsoft product, and the bootleg copies shut down. This could be the price these South Korean institutions are paying for trying to be frugal and too clever by half.
If these Japanese stories prove to be the case, the scary speculation concerning a North Korean Stuxnet can be put to rest. But, also, if the Japanese version proves to be correct, many other people will have reason to sweat.
If other bootleg programs are as vulnerable to shutdown as the alleged South Korean bank programs, other institutions can kiss their operations goodby at the whim of any enemy or competitor. For example, if Iranian institutions are trying to avoid payments to Microsoft and other agents of the Great Satan, it would not take a Stuxnet to disable them. A simple reset of an operating system might do the job.
Without having any hand whatsoever in yesterday's events, Bill Gates might have reason to say "I told you so," while bank depositors in South Korea sit stunned at the disappearance of their savings account data.