North Korea’s Cyber Security Strategy

Since the Kim Il-sung era, the proliferation of information has shrunk the world through globalization.　 As a result of the proliferation of personal computers and technology, an unprecedented amount of information flows as fast as electrons.　 But if most countries are busy expanding cyber connectivity, North Korea focuses on the defense, disruption, and exploitation of cyberspace. Firewalls, cyber espionage, network attacks, and the dissemination of disinformation are the pillars of Pyongyang’s cyber strategy. 　

In short, North Korea thinks about cyber security in a fundamentally different way from that of developed democracies.　 This is an insight that emerges from an important new study, Warring State: China’s Cybersecurity Strategy.　 In that report, author Amy Chang explains how China seeks to systematically exploit cyberspace to preserve the Chinese Communist Party.　 The primacy of party preservation is leading China to take a networked approach for leveraging information to buttress territorial claims, promote economic growth, and other goals.　 China’s sense of rules governing the cyber commons derives from these national security objectives.

North Korea’s cyber security strategy is closer to China’s than it is to that of South Korea or the United States.　 Cyber space is used to ensure the survival of the Kim dynasty.　 Cyber attacks provide an asymmetric weapon against a superior opponent’s vulnerable information technology network.　 A cyber offensive is also far less likely to trigger a military response than the overt use of force.　 Likewise, securing the cyber domain and controlling the information that runs through it strengthens the regime from outside attacks while dominating the domestic narrative.　　

Cyber security almost surely masks severe and even crippling fault lines within North Korea.　 The level of dissent in elite circles, the true capacity of nuclear and missile programs, and the genuine challenges of managing a feudal kingdom in twenty-first century Asia are all hard to gauge from the outside because of North Korea’s virtual monopoly over information.　 Yet the same system that relies on a closed information system domestically is increasingly keen to exploit an open information highway internationally.　 　

Yet as Admiral Harry Harris, the man chosen to become the next Commander of the United States Pacific Command, recently testified that North Korea remains

“the most volatile and dangerous threat” to peace in the Asia-Pacific region.　

The reason for this is North Korea’s simultaneously weak and strong government.　 Economically bankrupt and internationally isolated, North Korea is a political collapse waiting to happen.　 But a dictatorship equipped with a lethal and asymmetric arsenal, unbounded by the rule of law of international norms, is particularly dangerous. 　

The cyber attack on the Sony Corporation provides an excellent case study in which to consider North Korea’s burgeoning cyber capabilities.　 North Korea has been named the likely culprit behind the malicious cyber attack last month that destroyed hard drives and placed proprietary information and releasing it via the Internet.　 Sony has blamed Pyongyang.　 Moreover, Korean-language found in the malware of this malicious attack, as well as an official response of “wait and see”, certainly suggest a North Korean cyber operation. 　

North Korea certainly had motive.　 North Korea is an international pariah, focused on asymmetric means of attack, and quick to pull the trigger in defense of Kim Jong-un.　 It is noteworthy that North Korea felt it necessary to outlaw naming one’s child Kim Jong-un.　 The Kim family dynasty is North Korea’s version of exceptionalism.　 Even a comedic movie depicting an attempted assassination of the 31-year-old marshal is tantamount to an act of war. Finally, the timing was mighty suspicious, with the breach coming a month before the scheduled release of The Interview. 　Pyongyang accused the United States of “sponsoring terrorism,” and from the warped vantage point of a system built to perpetuate the survival of the Kim family, that bit of vitriol may not appear as far-fetched inside North Korea as it does outside among those nations connected by a cyber commons. 　

North Korea also has the means.　 An increasing number of North Korean attacks on government and private-sector computer systems have been reported in recent years.　 North Korea has thousands of trained cyber-warriors.　 One defector who reportedly worked with a cyber unit before escaping a decade ago claimed that his unit operated out of a Chinese hotel owned by North Korea.　 While the international community offers North Korea educational exchanges, North Korea uses many of these exchanges to train next-generation hackers and cyber warriors.　 A vast empire of illicit smuggling has possibly been shifted to online theft and trafficking. 　

If North Korea believes that Hollywood is a national security, then this opens up a huge chasm of potential miscalculation in a future crisis.　 If and when North Korea conducts a fourth nuclear test and deploys an intercontinental ballistic missile, the repercussions could be catalytic and deadly.　 Consider the expected confirmation of Dr. Ashton Carter as the next Secretary of Defense of the United States.　 Although Americans know Ash Carter as a brilliant defense intellectual, North Koreas probably care more that in 2006 he advocated a preemptive surgical strike in the event that the North provocatively deployed a long-range nuclear missile.　 Well, to harken back to last month’s testimony by Admiral Harris, the deployment of North Korean missile systems under development could strike the continental United States.　 This is precisely the kind of missile deployment that the next Secretary of Defense is likely to have to deal with over the next two years. 　

Cyber space remains a largely ungoverned domain.　 Unlike nuclear deterrence, the rules are not well defined.　 North Korea is disconnected from a world networked together through cyberspace.　 The same information superhighway that brings us instant news also has linkages to the command and control of military forces, even missiles and nuclear weapons.　 Volatility and threat, as Admiral Harris suggested, pose a real and present danger.　 That danger is magnified by starkly different concepts of what constitutes a cyber attack.

Dr. Patrick M. Cronin is Senior Director of the Asia-Pacific Security Program at the Center for a New American Security.