(Adds analyst comment in fourth paragraph.)
Dec. 20 (Bloomberg) -- North Korean troop movements following former leader Kim Jong Il’s death do not indicate any imminent provocation, according to authorities in Seoul who said they had taken steps to thwart potential cyber attacks.
Units returning to bases overnight conducted annual winter drills, the South’s defense ministry said in a statement given to reporters today in the capital. Still, the cyber alert level is now at “infocon 4,” which indicates signs of a “general threat,” defense ministry spokesman Kim Min Seok told reporters.
With reports from the official Korean Central News Agency referring to Kim’s son as the “great successor,” investors bought South Korean stocks and the won amid the relative calm. Kim Jong Il’s death was announced at noon yesterday.
“Most likely North Korea is going to be quite stable in the short term,” David Kang, director of the Korean Studies Institute at the University of Southern California, said by telephone today. “There is really no question about who is going to take over, the only question is when.”
The Korean Communications Commission raised its alert level to “caution,” according to a statement yesterday. Both alerts are one notch above authorities’ standard default for cyber vigilance.
The U.S. and South Korean military are continuing surveillance of North Korea and remain on alert, the ministry said. While the “infocon” cyber alert was increased, the military hasn’t changed its surveillance “watchcon” or combat “defcon” alerts, according to the statement.
“The South Korean military has been pretty vulnerable to cyber terrorism,” said Kim Yong Hyun, a professor of North Korea studies at Dongguk University in Seoul. “It’s possible that North Korea will launch some cyber attacks, though they’re unlikely to be extreme at the moment with the nation in mourning.”
As many as 40 South Korean websites, including at the presidential office, the National Intelligence Service and Ministry of National Defense were targeted by hackers in March. The attacks were traced to Internet Protocol addresses used in the 2009 assaults that were also suspected to be the work of North Korea, South Korean police said in April.
South Korean prosecutors in May accused North Korea of paralyzing the National Agricultural Cooperative Federation’s computer network. The April attack shut out 20 million clients from the federation’s automated teller machines and online banking services.
All three episodes used a method called “distributed denial service,” according to a May 3 statement from the Seoul Central District Prosecutors’ Office. In such assaults malicious codes infect computers to trigger mass attacks against targeted websites, according to Ahnlab Inc., South Korea’s largest maker of antivirus software.
The Kospi index, which sank 3.4 percent yesterday, gained 0.9 percent. South Korea’s won rose 1.1 percent to 1,161.18 per dollar as of 4:28 p.m. in Seoul, according to prices compiled by Bloomberg.
The National Pension Service, the country’s biggest investor, bought stocks yesterday when the Kospi index fell the most in more than five weeks and doesn’t see further steep declines in equities, Kim Hee Seok, head of the fund’s investment-strategy division, said by phone today.
KB Asset Management Co., a unit of South Korea’s second- largest financial services group, is buying futures on the nation’s bonds, betting losses after Kim’s death won’t last.
Stocks may become attractive if they fall further on geopolitical risk, according to Franklin Templeton Investment Trust Management Co. in Seoul.
--With assistance from Patrick Harrington in Tokyo. Editors: Brett Miller, Patrick Harrington
To contact the reporters on this story: Sangwon Yoon in Seoul at firstname.lastname@example.org; Saeromi Shin in Seoul at email@example.com; Jun Yang in Seoul at firstname.lastname@example.org
To contact the editor responsible for this story: John Brinsley at email@example.com