Eric O'Neill: North Korea has long been investing in creating a dedicated cyber army
Battleground for future conflicts will be found in both kinetic and cyberwar theaters, he says
Editor’s Note: Eric O’Neill is an attorney, security consultant and public speaker. Formerly he was with the FBI and helped to capture the spy Robert Hanssen. He currently runs the Georgetown Group, an investigative and security consultancy in Washington, and is the national security strategist for Carbon Black, a security company in Waltham, Massachusetts. The views expressed here are solely those of the author.
North Korea has launched 22 missiles in 15 tests in 2017.
According to US intelligence sources, the most recent test detonated a 140-kiloton nuclear device, which the North Koreans claim was a hydrogen bomb. (That’s 10 times as powerful as the atomic bomb the United States dropped on Hiroshima in World War II.) The UN secretary-general has continuously condemned North Korea’s ballistic missile launches as serious violations of UN Security Council resolutions.
Meanwhile, President Donald Trump has promised new sanctions against North Korea that will allow the United States to target businesses, individuals and financial institutions that aid North Korea’s regime, and the Chinese central bank has begun to implement strict UN sanctions against Pyongyang.
The missile tests are posturing by Kim Jong Un and a clear attempt to show dominance to the United States and its allies. They are likely part of a strategy that follows Iran’s playbook: Get close to developing a nuclear weapon and the rest of the world will make a deal.
But they are also a major distraction from a much bigger issue. The true risk when it comes to North Korea is its cyberattack capabilities.
North Korea has invested heavily in cyberattack operations to disrupt its Western enemies. Western Intelligence services blamed the 2014 attack against Sony on North Korea’s spy agency, the Reconnaissance General Bureau. North Korea is also believed to be responsible for the cyber heist at Bangladesh’s central bank and the global WannaCry ransomware attack from earlier this year.
Pyongyang’s cyberspies conduct low-cost, high-impact, deniable attacks around the world to harm enemies, disrupt the West and steal money. Financial institutions are particularly at risk of theft as North Korea bleeds funds to support its nuclear program.
The goal for North Korea’s cyberattack operations, beyond flying under the radar, is to inflict death by a thousand cuts – a deliberate and organized disrupt-and-attack approach in line with the country’s national strategy. Arguably, the more money and resources North Korea can steal via cyberattacks, the stronger its kinetic military can become.
Despite severe unemployment rates and terrible living conditions for its masses, North Korea invests in, and educates, a portion of its population in science and technology to work for its cyber military agency, which is a top-level job in the country. Security experts and North Korean defectors have placed the numbers in North Korea’s cyber army in the thousands. Students are often handpicked to join the elite corps.