CHEON JOON-SAHNG MAY not look like an elite warrior, but the shy, South Korean high school student has been fully trained for a frontline role in any future cyber battle with North Korea.
Cheon, 18, was one of 60 young computer experts chosen in July from many applicants for a government programme providing specialist training in vulnerability analysis, digital forensics and cloud-computing security.
At the end of December their number was narrowed to 20 who completed a further two months survival-of-the-fittest training in cyber warfare.
Earlier this month Cheon was among six who received “Best of the Best” certificates and 20 million won (€14,000) at a ceremony in the state-run Korea Information Technology Research Institute (KITRI) in southern Seoul.
The training programme was launched to reflect growing official concern about South Korea’s vulnerability to cyber attack in the wake of two major intrusions in 2009 and 2011 blamed on North Korea.
Government agencies and financial institutions were targeted both times, causing networks to crash and, in the case of one bank, affecting millions of customers who were unable to use credit cards and ATMs for more than a week.
The tables were turned last Friday when North Korea accused the United States and South Korea of carrying out a “persistent and intensive” cyber attack that took a number of its official websites offline.
“An inter-Korean cyber war is already in full swing,” said Lee Seung-Jin, a computer research consultant and a trainer for the government programme.
“North Korea cyber attacks led to investment”
Cheon and his fellow graduates are under no obligation to enter the South Korean military’s cyber command.
His immediate goal is to secure a college place and, after graduation, he says he would consider going into the private sector as an internet security consultant.
“But this programme played a crucial role in building my career, so I wouldn’t mind working as an officer in the military cyber command,” he said.
“Ironically, it’s the North Korean cyber attacks that have led to all the increased interest and investment in internet security in our country,” he added.
The South Korean military set up the special cyber command in early 2010 and, in partnership with Korea University, established a cyber warfare school in 2012 that admits 30 students every year.
“It’s really like fighting an asymmetric war”
On the surface at least, South and North Korea – which remain technically at war -occupy different ends of the IT spectrum.
Broadband speeds and penetration levels in South Korea are among the highest anywhere, and Seoul prides itself on being one of the world’s most wired cities.
North Korea, by contrast, has a domestic intranet that allows a very limited number of users to exchange state-approved information and little more. Access to the full-blown internet is for the super-elite only.
As a result, the focus of the South’s cyber command is on defensive measures to prevent sensitive, secure networks being compromised.
“It’s really like fighting an asymmetric war,” said KITRI training centre chief Choi Yun-Seong.
The Korea Internet Security Agency, a state watchdog, said it had recorded 40,000 cases of cyber attacks from foreign and domestic sources in 2012, up sharply from 24,000 in 2008.
“South Korea is an IT superpower with good infrastructure but remains relatively vulnerable to hacking,” said Park Soon-Tai, manager of the agency’s hacking response team.
According to intelligence officials cited by South Korean media, North Korea is believed to have a cyber warfare unit staffed by around 3,000 people handpicked for their computer literacy.
The South’s military has a special alert level system called Infocon that reflects the current likelihood of an imminent cyber attack.
With military tensions on the Korean peninsula at their highest level for years following the North’s nuclear test last month, the Infocon level was recently raised from five to four.