body-container-line-1
27.02.2018 Opinion

North Korean "Cyber Songun"

By Clement Kpeklitsu
North Korean Cyber Songun
27.02.2018 LISTEN

The main trends in the development of telecommunications technologies determine the continuous increase in the dependence of modern society on transnational network resources. The global information space includes both individuals, civilian and military infrastructure resources.At the same time, there is practically no legal regulation in this sphere.

This situation creates ideal conditions for the work of hackers.Despite the continuous improvement of the means of protection, cybercriminals are still extremely difficult to track and virtually impossible to hold accountable.At the same time, their activities do not require large financial costs, and the results of the actions bring significant dividends.

The leading positions in the field of Cyber War traditionally are occupied by the USA, China, the Russian Federation and Israel. Recently new powerful players have appeared in the virtual theater of war – Iran, India and North Korea.

Thus, Pyongyang very well understands the advantages of cyberaction and, along with the nuclear missile program, considers it an important element in the implementation of the national policy of "Songun" ("The Army is on the first place").The state leadership of the republic pays considerable attention to the training of specialists in the field of computer technologies, creates attractive conditions for their subsequent employment.The most promising candidates are to be sent to study in profile educational institutions of China and Iran.

According to experts on information security, the modern North KoreanCyber Armyis characterized by high professionalism and aggressiveness. The former deputy director of the US National Security Agency, Chris Inglis, described Pyongyang's cyber program as "one of the most effective on the planet, because it was designed to achieve all of its goals at minimum cost".

Despite the lack of direct evidence, the media and intelligence officials now attribute a large number of resonant cyber-attacks to North Korean hackers. Analyzing these incidents, we can identify the main goals of Pyongyang in cyberspace.

First of all, the numerous introduction of financial organizations in the network are a significant source of income, which is especially important for a country living under severe economic sanctions. In addition, North Korean hackers make a significant contribution to the development of the national military-industrial complex by stealing foreign military technology.

Another important area of activity of specialists from the DPRK is the collection of personal information about individuals, the personnel of the armed forces and plans for military and political leadership of their main opponents - the United States and South Korea.

As recent attacks of the WannaCrycomputer virus have shown, Pyongyang has the ability to disable civilian infrastructure facilities, and probably military infrastructure. Finally, a special place is given to strengthening the image of the state and its leader. FBI believed that it served as a cause for breaking into the servers of SonyPictures.

Activities of the DPRK in cyberspace distinguish asymmetry and the ability to mask their actions. The first feature is based on the isolation of the state from the Internet network, which makes it possible to significantly reduce the possibility of a response cyber-attack.

According to the British newspaper Guardian, the US attempt to use the Stuxnet virus to attack the objects of the DPRK nuclear complex in May 2015 ended in failure. In turn, camouflage is realized due to access to the global network from the territory of foreign states. The American edition of Business Insider, citing experts on cyber security and intelligence reports, claims that a significant part of North Korean hackers are deployed in the Chinese hotel "Chilbosan" (Shenyang).

Information securitycompanyRecordedFuturenotes that North Korean specialists also access the Internet from a foreign territory via servers in India, Malaysia, New Zealand, Nepal, Kenya, Mozambique and Indonesia.

Pyongyang often resorts to carrying out so-called "operations under a foreign flag." Its attacks are masked by the actions of Russian or Chinese hackers. The effectiveness of this approach is achieved because the West traditionally views these countries as the main threats in cyberspace.

It is extremely difficult to assess the real potential of the Cyber Army of the DPRK. The intelligence services and analysts of IT companies do not have a clear idea of its composition, strength and management system.Data on personnel ranged from 50 people to 17000 employees.Referring to the assessments of US and British intelligence services, the publication reports that the Korean People's Army (KPA) has over 6,000 hackers. However, most of them are outside the country.

Regardless of the size of the specialized structures of the DPRK, the North Korean cyber threat is real and causes increasing concern around the world. Analysts of the largest IT companies, experts in the field of information security and anti-virus protection, representatives of the intelligence and defense departments of the United States and Europe unanimously declare Pyongyang's substantially increased potential in the field of information impact.

They also state a low degree of security against such attacks. According to Robert Silvers, a former employee of the US Department of Homeland Security, while the whole world has focused on Kim Jong-Yung's nuclear program, the North Korean leader is developing the potential of weapons capable of causing significant damage to the United States "without a single missile launch."

Now experts try to guess what will be the next target of the Cyber Army of the DPRK. Despite some "warming of relations" between Pyongyang and Seoul, it is still premature to talk about the readiness of the North Korean leadership to finally make peace with its southern neighbor.

Along with this, there is no confidence in the sincerity of Washington's statements about supporting the process of de-escalating tension on the Korean peninsula. Therefore, it can be argued that KPA experts will continue to seek vulnerabilities in their opponents' network infrastructures. An alarming message spread by the American developer of anti-virus software - the company McAfee. According to her, hackers from the DPRK made attempts to break into the databases of the organizers of the Winter Olympics in South Korean Pyeongchang. It is not known whether this was the collection of information or preparations are being made to disable the facilities of the Olympic infrastructure. In any case, it is necessary to recognize the correctness of Silvers, for the imaginary "nuclear fungus" the world does not yet notice the real threat.

body-container-line