The Korean War may have officially lasted from 1950 to 1953, but in reality it never quite ended.

It began when North Korea invaded South Korea, and after many air and land skirmishes, the fighting ceased on July 27, 1953, when an armistice was signed. However, no peace treaty exists between the two countries, resulting in periodic deadly clashes that have continued to the present day.

Not all wars are fought with guns, however. The one I want to talk about today is waged using keyboards. In mid-June, South Korean police reported that more than 140,000 computers at 160 South Korean firms (mostly defense contractors) were hacked by North Korean hackers. During those attacks, more than 40,000 defense-related documents were stolen. Some weren’t exactly classified as top secret, but what was really worrying was that the hacked computers were infected with malicious code, setting up a possible larger-scale, coordinated attack.

The code has been neutralized, and although North Korea denies any wrongdoing, the IP address from which the attack originated was indeed traced to Pyongyang, North Korea’s capital, where Kim Jong-un, the country’s supreme leader, maintains his main residence.

The Mangyongdae Revolutionary School, in Pyongyang, North Korea. AP

Reuters reports that those attacks are part of numerous cyber incursions, committed by a North Korean military computer unit that currently numbers 6,000 troops. As you will soon see, South Korea isn’t sitting idly by — it’s working hard to increase its defense capabilities and train its own “cyber army” under a government-funded cyber-defense curriculum.

The proposition is simple: Young students are provided with a free education, during which time they learn math, hacking, law and cryptography, in exchange for seven years of service in the South Korean army’s cyber-warfare unit.

The initiative was influenced by the Talpiot program — the Israel Defense Force’s training program that provides outstanding recruits with advanced science and tech education as well as combat training. Similar to Talpiot, but out of a greater pool of applicants, only a select few are enrolled yearly into South Korea’s cyber-defense curriculum (currently 30 students a year). Those who make the cut get 500,000 won (roughly $430) a month to cover living expenses, according to Jeong Ik-rae, a Korea University professor.

A South Korean “keyboard warrior” at work in the so-called War Room at Korea University, Seoul. Reuters

South Korea currently has about 500 “keyboard warriors,” but its enemy has 6,000. In addition to being outnumbered, there is one more reason why South Korea is at a distinct disadvantage: Being technologically advanced means that much of its infrastructure is accessible online, which makes it vulnerable to hacker attacks. On the other hand, North Korea barely has online access, let alone structures that can be targeted in retaliation.

What kind of cyber security does a country need to defend itself against hackers? Aside from the usual security measures, such as high-level encryption and firewalls, one option would be to run the entire infrastructure on a bespoke operating system. That would make gaining direct access difficult for an assailant, simply because the software and access protocols would be unknown to him. It would also mean immunity to various “common” virus attacks. Still, as long as a “standard” online access point that uses known networking software or protocols is connected to the protected device, the security could be compromised, as a hacker would simply attack that access point and gain entry.

That leads us to the second option: an operating system within an offline-only environment. This option isolates the system (be it a power grid, an industrial complex or something else) from the internet. The isolated system is controlled only from within the facility, and any external data storage devices that perform necessary software updates, fixes, etc., would have to pass rigorous tests and scans before being admitted into the system. Obviously, this option is a no-go for institutions that require frequent and quick online data exchanges, but it can be a good solution for power plants, traffic-control systems and even hospitals. (In hospitals, patient information and other sensitive data would be protected on a separate offline grid, while communication channels would remain open to the public and online access.)
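To make the "tests and scans" step concrete, here is an added example (not from any system described in this article) of an intake check a facility could run on a removable drive before anything is copied across the air gap. It assumes the update comes with a manifest of SHA-256 hashes authenticated by a key held inside the facility; the HMAC stands in for a real digital signature, and all names, the key and the sample files are constructed.

```python
import hashlib, hmac, json, os, tempfile
from pathlib import Path

def sign_manifest(manifest: dict, key: bytes) -> str:
    """Trusted build side: HMAC-SHA256 over the canonical JSON manifest."""
    blob = json.dumps(manifest, sort_keys=True).encode()
    return hmac.new(key, blob, hashlib.sha256).hexdigest()

def inspect_media(root: str, manifest: dict, tag: str, key: bytes) -> list:
    """Return the reasons to reject the media; an empty list means admit."""
    if not hmac.compare_digest(sign_manifest(manifest, key), tag):
        return ["manifest authentication failed"]  # no hash in it can be trusted
    problems, seen = [], set()
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            if os.path.islink(full):
                problems.append(f"symlink not allowed: {rel}")
                continue
            seen.add(rel)
            if rel not in manifest:  # anything extra on the drive is rejected
                problems.append(f"unlisted file: {rel}")
                continue
            digest = hashlib.sha256(Path(full).read_bytes()).hexdigest()
            if not hmac.compare_digest(digest, manifest[rel]):
                problems.append(f"hash mismatch: {rel}")
    problems += [f"missing file: {p}" for p in sorted(set(manifest) - seen)]
    return problems

def demo():
    """Constructed sample: a two-file update bundle, then the same bundle tampered with."""
    key = b"constructed-facility-key"
    files = {"update/patch.bin": b"\x7fPATCH v2", "README.txt": b"apply offline\n"}
    manifest = {p: hashlib.sha256(d).hexdigest() for p, d in files.items()}
    tag = sign_manifest(manifest, key)
    with tempfile.TemporaryDirectory() as root:
        for p, d in files.items():
            Path(root, p).parent.mkdir(parents=True, exist_ok=True)
            Path(root, p).write_bytes(d)
        clean = inspect_media(root, manifest, tag, key)
        Path(root, "update/patch.bin").write_bytes(b"\x7fPATCH v2!")  # modified in transit
        Path(root, "autorun.inf").write_text("x")                     # file nobody signed off on
        tampered = inspect_media(root, manifest, tag, key)
    return clean, tampered
```

The check is deny-by-default: a file that is merely absent from the manifest is enough to refuse the whole drive, which a malware scan alone would not do.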

Closing off vital segments of the vulnerable system may seem excessive, but it’s actually a part of cyber-security measures already employed in the protection of nuclear power plants.

For some (non-vital) systems, the isolation could be temporary: they would disconnect the moment a breach is detected. For the vital ones, isolation could be a permanent way to function.

Not being connected to the world wide web means no hacker could gain access from the outside, and even if the attacker accessed it internally (using an infected storage device or via social engineering), the damage would be limited to that system alone, without affecting (and infecting) other elements of the infrastructure. I can imagine implementing such a system in an entire country would be expensive and challenging, bringing with it a multitude of other issues along the way. Still, it might be the best option for countries that are facing constant online threats, as South Korea is.

What would you suggest that South Korea do in its ongoing struggle against North Korea’s cyber incursions? Please let me know in the comment section below.