China-based North Korean hackers were behind a $6 million cyber-heist from an online gaming system, according to South Korean police (via JoongAng Daily). Not quite on the scale of the five-year long cyber attacks against 72 countries and organizations since 2006 that the U.S. security software firm McAfee revealed earlier this week without directly accusing China of being it’s origin though that has been the common assumption that has taken hold. This Bystander does wonder, albeit without a shred of evidence, if there might be a least a dotted line connecting the two, perhaps a little freelancing being tolerated on the side. The North Koreans were hired by a South Korean crime gang, but in whose pay were they in China in the first place? The report quoted above suggests they might be connected to Office 39, the North Korean agency that manages slush funds and generates foreign exchange for the Pyongyang leadership. In any event, they are some pretty grubby hired hands.
Regardless, as the victims of the larger operations ranged from the governments of the U.S., South Korea, Taiwan, Vietnam and India to organizations such as the UN and the International Olympic Committee and firms in the defense and high-tech industries, the attacks are likely to bolster the efforts in those countries to increase their both national and commercial cyber-defense capabilities. And, assuming the virtual world follows the real one, to raise calls in some quarters for retaliatory and preemptive strikes against, and we choose our words deliberately here, states believed to sponsor or harbor what will doubtless be called cyber-terrorists.
Update: Here is one such call by Richard Clarke, former head of U.S. cybersecurity.