WASHINGTON – It turns out that North Korea isn’t just a nuclear threat. It’s also a cyberthreat, and in some ways, this may be more frightening. Launched largely anonymously, cyberattacks can cripple essential infrastructure — power grids, financial networks, transportation systems — and inflict social disorder and political anarchy. Immediate retaliation is difficult.
All this now seems plausible.
Until recently, cybersecurity experts dismissed North Korea’s attack capabilities. It was too backward to pose a serious threat. No more. In a lengthy front-page story on Oct. 16, The New York Times reported that cybersecurity experts admit that they underestimated North Korea, which has now been tied to some major cyberattacks. This includes the heist of an estimated $81 million of funds from the central bank of Bangladesh.
The Times’ story ought to command everyone’s attention. It alters the military balance between the United States and North Korea — and not favorably for the U.S.. Written by journalists David Sanger, David Kirkpatrick and Nicole Perlroth, the article reported that North Korea has more than 6,000 hackers whose performance is “undeniably improving,” according to American and British security experts.
North Korea “can hold large swaths of nation-state infrastructure and private-sector infrastructure at risk,” said former deputy director of the National Security Agency Chris Inglis. In part, the North Koreans were instructed and encouraged by Iran, the Times said. But mostly, their gains reflected persistence.
“How can such an isolated, backward country have this capability?” asked a former British government official. “Well, how can such an isolated backward country have this nuclear ability?”
In the Times story, the late North Korean leader Kim Jong Il is quoted, based on the testimony of a defector, as saying in 2003: “If warfare was about bullets and oil until now … warfare in the 21st century is about information.”
Here are some other takeaways from the article:
The goal in the Bangladesh heist was to divert $1 billion through electronic fund transfers. A clerical error stopped most of the transfer. Still, North Korea allegedly reaped $81 million and earns up to $1 billion annually from ransomware and other digital techniques. These funds dilute the effectiveness of sanctions against Kim’s regime.
North Korea was behind the so-called WannaCry hack — one of the largest to date — in May. The ransomware attack shut down hospitals in Britain and affected “banks and transportation systems across dozens of countries.” Even now, it’s not clear what the hack’s intent was, except possibly to stir chaos. Another fortuitous discovery of a software error shut down the hacking attempt..
North Korea is reported to have penetrated South Korea’s military computers “to steal war plans.” It may also have planted “sleeper cells” in South Korea that, in the event of war, “could be activated to paralyze power supplies and military command and control networks.”
By the Times’ telling, North Korea’s capabilities go well beyond its angry response to the 2014 movie satire, “The Interview,” when it hacked Sony Pictures, the studio that produced the movie. Still, North Korea continues to resort to hacks to deter criticism of Kim.
Just how the U.S. can react to North Korea’s cyberprowess is unclear. According to the Times, “Hundreds, if not thousands, of American cyberwarriors spend each day mapping the North’s few networks, looking for vulnerabilities that could be activated in time of crisis.” By some accounts, the U.S. has planted sleeper cells in North Korea’s networks.
But the U.S. is constrained by its huge commitment to the internet. We are more dependent on the web than the North Koreans. In practice, this means that we are more vulnerable to attacks on it. More systems can be shut down and crippled than in North Korea. Americans think that technological superiority works to our benefit. Here, the opposite may be true.
Robert J. Samuelsonis a Washington Post columnist. © 2017, The Washington Post Writers Group