
North Korea ready for cyberwar

Josh Peterson Tech Editor

Despite the popular impression that North Korea is technologically inept, the regime boasts a significant and effective cyber arsenal, in addition to what is currently known about its nuclear arsenal.

Not only has the country been able to jam GPS signals, it has also reportedly conducted cyber terrorism operations against South Korean media and financial institutions.

As recently as late March, Agence France-Presse reported that the websites of North Korean defectors also were under attack.

North Korea’s cyberwarfare history includes the use of a distributed-denial-of-service (DDoS) attack — which overwhelms a system’s web servers with traffic, forcing it to crash — against U.S. and South Korean government websites.

Its cyberterrorism unit — Unit 121, which is a project of the North Korean intelligence agency, Reconnaissance General Bureau — boasts an estimated 3,000 hackers.

“Defectors from the unit told South Korean intelligence officials that North Korea sends hackers to other countries for training as well as to conduct undercover operations,” Bruce Klingner, senior research fellow for The Heritage Foundation’s Asian Studies Center, told The Daily Caller.

“The hackers never operate within North Korea since the country’s limited computer network would make it too easy to identify the source of the attack,” Klingner said, noting that North Korea has “very strong cyberterrorism capabilities.”

Steven Bucci, Director of Heritage’s Douglas and Sarah Allison Center for Foreign Policy Studies, echoed Klingner’s sentiments.

“Just as with their nukes, their lack of predictability makes them dangerous beyond their capabilities (compared to others),” Bucci told The Daily Caller in an email.

The U.S. and South Korea have been the targets of North Korean cyberterrorism dating as far back as 1999, when several government sites were hit by a DDoS attack. The DPRK’s tactics have since become increasingly sophisticated.

In 2011, for example, an attack on South Korea’s Nonghyup Bank was attributed to the Reconnaissance General Bureau. The disabling of the South Korean newspaper JoongAng Ilbo’s news production system that same year was also traced back to a North Korean telecommunications center.

The U.S. government has expressed increasing concern over the potential of a devastating cyber attack by state-sponsored hackers against the country’s critical infrastructure for several years, even acknowledging the sophistication of North Korea’s cyber arsenal.

In 2007, CIA analyst Stephen C. Mercado wrote that North Korea had engaged in serious efforts to develop its science and technology since the country’s inception in 1948 — largely under the influence of the Soviet Union and China.

The Internet further “enhanced” the abilities of North Korean researchers to acquire foreign data, Mercado observed — contrary to a common misconception that the country has maintained complete technological isolation from the outside world.

President Obama recently signed a cybersecurity executive order as part of his plan to address the threat, but lawmakers have yet to agree upon any meaningful legislation.

What kind of damage a cyber attack from North Korea could cause, however, seems uncertain.

“While it is possible that attempts against U.S. infrastructure could occur sporadically, [North Korea] does not yet seem to have the scale of highly skilled ‘wicked’ actors able to implement a long-running campaign necessary to really hurt U.S. infrastructure,” Dr. Chris Demchak, Co-Director for the Center for Cyber Conflict Studies at the U.S. Naval War College, told The Daily Caller.

Demchak’s own research is from public sources and she does not speak for the U.S. government or the U.S. Navy.

“They would need friends in the cyber fight to close the distance to the U.S. effectively,” said Demchak, stating that North Korea’s focus has been on nearby neighbors like South Korea and Japan.

The federal government’s own concern about the disruptive impact of the activities of hacktivist groups like Anonymous demonstrates that even a low level of technical ability can inflict damage.

South Korean information security professor Lee Dong-hoon told Business Insider in July 2012, however, that he believed that North Korea’s investment in cyber warfare over the past 30 years has given it capabilities behind only the United States and Russia.

The Pentagon’s own capabilities are estimated to be quite sophisticated. An April 2012 Washington Post report announced that the U.S. military was fast-tracking the acquisition of new cyberweapons that would enable it to respond to “urgent-mission critical” needs.

The U.S., which is believed to have been involved in the development of the Stuxnet worm that disrupted the Iranian nuclear enrichment program at the Natanz nuclear facility in 2009, has also not denied involvement in that effort.

“Critical to the bits-to-bolts weapon like Stuxnet is developing considerable knowledge of how systems disconnected from the web can be infected reliably and precisely, and a testbed to check if the infection will work,” said Demchak.

“Both take time and a level of ground knowledge that is very hard to obtain about [North Korea],” she said.

“Having said that, barring an identified attack by [North Korea], even if the U.S. had all this in place, it would be a violation of international law at this point to use it destructively and unambiguously,” she said.

The Pentagon told The Daily Caller that it does not comment on matters of intelligence.
