South Korean Cybersecurity Experts Play Cat-and-Mouse With the North’s Hackers
Kim Jong Un’s regime has about 6,000 hackers spreading malware from both inside and outside North Korea.
Kwak is part of a team of threat researchers at the South Korean cybersecurity firm S2W. They scan networks, looking for anomalies, and match wits with North Korean digital adversaries.
Photographer: Woohae Cho/BloombergKay Kyoung-ju Kwak, a South Korean cybersecurity researcher, can usually tell when malware emanates from his neighbors to the north: They drop clues in the malicious code that show they understand their adversary. “Sometimes they put a K-pop star name in there,” he says, laughing. “They don’t like BTS.” (Instead, he says, they prefer the all-female ensemble Girls’ Generation.) Kwak says he’s also stumbled across digital evidence of North Koreans illegally downloading South Korean soap operas, presumably to entertain themselves when their shifts end.
Kwak is a threat researcher at the Seoul-based cybersecurity firm S2W Inc., where he oversees a team of about 20 cybersecurity specialists called the Talon Group. The majority of them have expertise in North Korea, and they work with international law enforcement to thwart North Korean hacking attempts. The company also has private-sector clients in e-commerce, automotive, semiconductors, and biotech.