Releasing the Stuxnet virus worked, for a time, to shut down Iran’s nuclear research program, so why not use it again against North Korea? The recent posturing and saber-rattling of the DPRK at the South raises the question of why the U.S. doesn’t simply release a cyberworm into North Korea’s infrastructure, shut the whole hugely hyped operation down, and then kick back with a beer to watch "Game of Thrones."
Apparently, there are at least three major reasons why not. First, there’s the problem of international precedent. Starting a pattern of hacking anyone we vaguely dislike -- even a charter member of the "Axis of Evil" -- could spark some nasty international trends.
“You want to be very, very careful about using cyber means to degrade another country’s capabilities,” Dr. Kenneth Lieberthal, a senior fellow in Foreign Policy and Global Economy and Development at the Brookings Institute, told the International Business Times. “That sets an example that could really come back to haunt you. If you strike first, you’ve lost the moral edge.”
Much of the problem, Lieberthal said, stems from the still very Wild West nature of the cyberworld. There are very few to no rules, and further, it's difficult to make any international rules since nations differ on their policing, censorship and cultural standards. Attacking North Korea in retaliation for last month’s cyberattacks against South Korea’s banks and TV stations “would set a precedent that we really don’t want to be associated with,” Lieberthal said. “It would legitimize that and make it difficult to oppose that activity in the future.”
And besides, even a full-scale attack on North Korea would do little damage to the country’s infrastructure.
“The compound effect will likely be less than North Korea's alleged interference with South Korean infrastructure because the country is far less dependent on cyber-based infrastructures than is the South,” Rafal Rohozinski said in an email to the IBTimes. Rohozinski is the CEO of the SecDev Group, a Canadian analytics company that specializes in at-risk regions and countries.
In other words, North Korea may be so underdeveloped that completely taking out any kind of digital infrastructure would not only have a relatively small effect, but any cyber-retaliation against the West -- especially against hyper-wired South Korea -- could do substantially more damage to our ally than we could do to the South's nemesis. In short: We have much more to lose than they do.
Further, these types of attacks have notoriously difficult-to-trace origins, and this sort of ambiguity is likely to remain a prominent feature of future cyberattacks given the relative ease of hacking into and commandeering a computer from across the world. The identity of South Korea’s cyberattackers is still being sought. This makes it extremely hard to legally justify attacking a not-yet-proven-guilty party, Lieberthal said.
“It’s difficult to impossible to ascertain exactly who controlled the platform,” he said. “There is no proof North Korea did this attack.” In fact, the original computer that shut down South Korean systems was found to have been in Europe.
Assuming the U.S. carried out a successful attack and dismantled North Korea’s nuclear program, the ripple effects thereafter could be potentially devastating. Consider the Stuxnet virus, allegedly written by Israel and the U.S. and used to shut down Iran’s nuclear facilities. The virus spread, not because of faulty script, but because a civilian accidentally took the virus home on a thumb drive after he or she had plugged into an infected computer.
“This stuff has unintended consequences,” Lieberthal said. “Combine this with the issue of setting a precedent and falling short of 100 percent certainty on attribution, suddenly you’re asking, why would you cyberattack North Korea?”
Some part of a plan to at least fortify the South appears to be in the works. South Korea’s Defense Ministry and South Korean media reported on Monday, in what one can only hope was not an April Fool's joke, that South Korea and the U.S. are collaborating on “cyber warfare scenarios.”
“We will cooperate with the U.S. to prepare measures in cyber policy, technology and information,” an unnamed senior defense official told the state-funded Yonhap News. These measures are in addition to the previously announced joint U.S. and South Korean military exercises ordered in the wake of North Korea’s increasingly hostile rhetoric.
Shortly after the March attack, the AP speculated on how unlikely it is that “impoverished North Korea” could have enough resources to train and employ skilled hackers to take on the relatively wealthy and developed infrastructure in South Korea, although it noted that the DPRK has been pouring considerable resources into science and technology development in the past “several years.” In March 2012, the commander of U.S. forces in South Korea told Congress that North Korea is mounting an “asymmetric arsenal,” which included a “growing cyber warfare capability.”
In June 2012 Business Insider reported that after more than 30 years of development and research, North Korea was able to jam GPS signals on the Korean Peninsula, and in 2009 it jammed several South Korean military websites. The report claimed that South Korea “remains woefully unprepared for mounting counterattacks in this active cyberwar.” Part of the danger of these developments, Professor Kim Seeongjoo told the AP, is that the DPRK has nothing to lose in these attacks. “There is no target for South Korean retaliation,” he said.
If true, after 30 years, this fight, as they say, has been a long time coming.