The Power of North Korea’s Cyberthreat

Security News ThreatsCybercrime Uncategorized


North Koreans watching a broadcast by Kim Jong-un in Pyongyang in September. Credit Ed Jones/Agence France-Presse — Getty Images

The chilling survey of North Korea’s cyberpower in The Times, describing a sophisticated program of not only weapons of war but also of theft, blackmail, harassment and score-settling, is shocking, but not surprising. Kim Jong-un is ruthless in his quest for power and survival, and hacking, even more than the nuclear power North Korea is rapidly developing, is the perfect weapon for a small, impoverished, isolated, totalitarian state.

Pyongyang’s nuclear weapons pose an enormous threat to the United States and its Asian allies. But even a megalomaniac like Mr. Kim understands that unleashing them would spell a hellish end to him and his country. Cyberweapons, by contrast, offer a degree of stealth and deniability and a broad range of uses, as David Sanger, David Kirkpatrick and Nicole Perlroth detailed in their article. North Korea has used its army of hackers for assaults as diverse as multimillion-dollar digital bank robberies, the giant WannaCry ransomware attack (based on a secret tool stolen from the National Security Agency) and attacks on movie producers and television networks to force them to cancel projects deemed hostile by North Korea.

Mr. Kim’s total control over his country gives him his pick of the best young brains to train as hackers; the cost is relatively low, and effective retaliation has so far proved very difficult. North Korea is already under every possible international sanction, its infrastructure is too primitive for useful cyberretaliation, and neither the United States nor South Korea would likely launch a military attack. And North Korean hackers appear to operate largely outside the country, especially in China and India.

North Korea is no pioneer in cyberpower and is hardly the first to use it. Russia has deployed it, allegedly to attack Estonia and Ukraine and to meddle in American politics; China is a major and persistent cyberspy, as is the United States, whose cyberefforts have sabotaged North Korean missile tests. Electronic warfare, surveillance, espionage, sabotage, theft and other trickery are, alas, a real and growing danger that demands ever more sophisticated defenses.

But North Korea represents a different sort of threat, more akin to terrorist networks, which are less susceptible to counterattacks and sanctions that might deter a conventional government. With China, the United States reached a cybersecurity agreement in 2015 that was a first step toward resolving American frustration with Chinese snooping.

No such agreement is likely soon with North Korea. Its hackers, however, are not beyond reach: Many are dispersed abroad, where they can be tracked and shut down.

Continue reading the main story