Paradigm shift needed in cyber warfare against N. Korea

“Zero Days,” a 2016 U.S. documentary film directed by Alex Gibne, covers the 2010 cyberattack on Iran’s nuclear facilities. The film focuses on identifying the Stuxnet computer virus that destroyed the internal control networks of Iran’s Natanz nuclear plant and tracking down the mastermind behind the malware.

The documentary interviews world-class cyber security experts, former intelligence agency chiefs and anonymous whistleblowers before pointing fingers at the United States and Israel as the main culprit. It claims that the U.S. National Security Agency (NSA) and Israel’s Mossad intelligence agency developed Stuxnet in order to sabotage Iran’s nuclear development. Dubbed the Operation Olympic Games, the covert campaign’s elaborateness is beyond our imagination. The NSA analyzed photos of senior Iranian officials’ visits to the Natanz nuclear plant to find out the size, arrangement, model and manufacturer of the centrifuge for uranium enrichment.

Then, the spy agency developed a cyber weapon that would destroy the centrifuge’s rotary motor and infiltrated it into the nuclear plant’s control system. The cyber-attack dealt a severe blow to the Natanz nuclear facility but it was long before Tehran found out about the existence of Stuxnet. Furthermore, the film claims that the NSA also planned a full-blown cyberwar against Iran to cripple Iran’s military networks as well as its financial, telecommunication and traffic networks. The Stuxnet attack was just a “back alley” operation when compared with the larger plan.

In reality, several lines of malicious computer codes can deal a greater blow than a nuclear weapon does. If the computer control networks of major infrastructure goes down due to a cyberattack, it could lead to a total shutdown of state functions. When compared to the human body, the situation is equal to a coma caused by a paralysis in the central nerves.

It is also possible to manipulate a country’s political system and power structure to one’s advantage. The possibility was shown in the Russian intelligence agency’s alleged intervention in the U.S. presidential election. It is possible that cyberspace will control and rule the reality before long.

Cyber threats are also an imminent threat to South Korea’s security. North Korea’s cyberattacks become increasingly frequent and continue to evolve. Recently, the Pentagon said that the North is believed to be capable of paralyze the U.S. Pacific Command’s command post and power networks with a cyberattack. In reality, the North hacked the computer networks of South Korean broadcasting stations and financial institutions. Last year, North Korean hackers broke into the South Korean military’s Internet and internal networks to steal even top-secret documents including a wartime operational plan. The South Korean military, which thought its internal networks were safe from attacks from the outside, was taken off guard. The Ministry of National Defense scurried to take countermeasures, but it cannot avoid the criticism for locking the stable door after the horse is stolen. The public is anxious over the military’s security posture.

The military is largely responsible for the situation. While the North has been making all-out efforts to develop cyber weapons following the development of nuclear weapons and missiles, the South Korean military followed the old policy of building up conventional military might. South Korean military commanders should pay attention to the criticism that Seoul’s military is helpless against Pyongyang’s asymmetrical threats, despite its huge defense budget, which is three to four times that of the North,.

Seoul should seek a new paradigm in its military strategy against the North and military buildup. It should open its eyes to developing cyber counter-asymmetrical weapons. We urge the South Korean military to quickly implement a major upgrade of our military’s cyber forces. It would be the military’s negligence of duty to leave the cyber inferiority against the North unchanged.