Tuesday, December 23, 2014

North Korea-The Newest Cyber Threat in Town

Certainly by now, the world has heard about the infamous cyberattack against Sony purportedly carried out by North Korea. Although numerous denials have been given, the attack appears to have been perpetrated by a despotic regime in retaliation for the simple act of making a satirical movie. I’ll let the ridiculousness of that statement sink in for a minute. Now on to the practical matter at hand: how can the world’s most isolated nation pull off such a technologically advanced attack? To put this in perspective, consider the following. If you do a web search for “North Korea at night”, you can plainly see the lack of electricity, or at least visible lighting, as compared to its southern neighbor. I remember standing on the DMZ looking into North Korea. The normally wooded area was clear-cut by the residents and soldiers not to provide a defensive line of sight, but for a fuel source... because there was nothing else. Despite these limitations, North Korea actually has a fairly well-developed cyber warfare capability.

According to a 2014 report published by Hewlett-Packard researchers, North Korea is seriously committed to the cyber aspect of its national defense. The hermit kingdom’s Unit 121 is considered to be one of the world’s premier cyber organizations, third in size only behind the United States and Russia. South Korea estimates this team is comprised of anywhere between 3000 and 6000 staff. According to the HP report, some of the more notable hacks North Korea has managed to pull off include:

(2004) Gained access to 33 of 80 South Korean military wireless communication networks. 

(2004) Hacked into the US State Department, US Defense Department, and South Korean defense networks during discussions over nuclear missile testing.

(2007)  Tested a logic bomb which led to the UN ban of certain pieces of hardware to North Korea.

(2009)  DarkSeoul DDoS targeted South Korean and U.S. government, media outlets, and financial websites.

(2011) North Korea disrupted South Korean GPS signals and attempted a DDoS attack against Incheon airport and Nonghyup bank.

(2013) DarkSeoul DDoS attacked the South Korean government’s DNS server and South Korean financial institutions. (Osborne, 2014)

The Sony attack, however, appears to be the metaphorical straw. Shortly after the hack and Sony’s subsequent decision to pull “The Interview” from release, North Korea’s limited access to the Internet was cut off for approximately 10 hours. It is unknown whether this was a deliberate cyberattack against the regime or simply technical difficulties with the nation’s four official networks (Robertson & Strohm, 2014). Researchers point out, however, that this occurrence is definitely out of the norm. And while the U.S. State Department won’t comment on the reports, there appears to be no lack of likely actors willing to target the regime. Anonymous made headlines in 2013 for its #OpNorthKorea campaign, which targeted various North Korean websites. In the end, the Sony hack illustrates the larger issue at hand: the next battlefield will undoubtedly be in cyberspace.

References
HP Security Research. (2014). Profiling an enigma: The mystery of North Korea’s cyber threat landscape. Retrieved from http://h30499.www3.hp.com/hpeb/attachments/hpeb/off-by-on-software-security-blog/388/2/HPSR%20SecurityBriefing_Episode16_NorthKorea.pdf

Osborne, C. (2014). North Korea cyber warfare capabilities exposed. ZDNet. Retrieved from http://www.zdnet.com/article/north-korea-cyber-warfare-capabilities-exposed/

Robertson, J. & Strohm, C. (2014). North Korean internet access restored after hours long outage. Bloomberg. Retrieved from http://www.bloomberg.com/news/2014-12-22/north-korea-undergoing-internet-outage-network-researcher-says.html