The techno soldiers of Kim Jong Un are growing more aggressive in defending North Korea’s supreme leader against threats from Donald Trump and South Korea.
The country’s hackers stole military plans developed by the US and South Korea last year that included a highly classified “decapitation strike” against the North Korean leader, according to a South Korean lawmaker. The plans were devised as the regime in Pyongyang steps up nuclear tests and fired long-range missiles toward the Pacific Ocean.
The episode shows North Korea’s progress in infiltrating computer systems around the world three years after its hackers allegedly pilfered documents from Sony Corp. in retaliation for the film, “The Interview.” If Kim’s cyber warriors have indeed stolen the top-secret intelligence, it raises alarms about the security of US-South Korea information and the effectiveness of potential military options. “The plan is fundamental to conducting a war operation and leakage of even a small part of it is very critical,” Rhee Cheol-hee, the ruling party lawmaker, said. “How could we fight against an enemy and win a war if it’s already aware of our strategy?”
North Korea has been developing cyber capabilities as trade sanctions and a debilitated domestic economy make it difficult to invest in conventional military capabilities. While Kim is devoting resources to nuclear missiles, hackers offer a cost-effective way to threaten rivals that are typically reliant on technology systems.
“There is no doubt that they are using their capability in creative ways,” said Fergus Hanson, head of the International Cyber Policy Centre at the Australian Strategic Policy Institute in Canberra. “Stealing battle plans is obviously a good idea from a military point of view and they’re also monetising their capability to get around sanctions.”
While North Korea allows internet access to only a small portion of its population, it began to train its techno soldiers in the early 1990’s, according to South Korea’s Defense Security Command. The country probably employs 1,700 state-sponsored hackers, backed by more than 5,000 support staff, Hanson said.
The US defended its capabilities despite the alleged hack. In a briefing with reporters, Colonel Robert Manning, a Pentagon spokesman, wouldn’t discuss whether any breach occurred, but said the US has confidence in the security of its intelligence and its ability to deal with North Korean threats.
It wasn’t immediately certain whether the strike plans allegedly stolen by North Korea could have been a decoy in the long-running war of espionage between the two Koreas. North Korean hackers made international headlines in 2014 when they allegedly broke into Sony’s Hollywood operation as it was preparing to release “The Interview,” a Seth Rogen spy caper about meeting the North Korean leader. Sony Chief Executive Officer Kazuo Hirai called the attack “vicious and malicious” as it led to embarrassing revelations.
Then last year, a group linked to North Korea, called Bluenoroff,
allegedly stole money from Bangladesh’s central bank. In May, a group called Lazarus was linked by security researchers to a global ransomware attack that affected more than 300,000 computers.
This year, the country’s hackers appear to have stepped up their efforts to secure bitcoin and other cryptocurrencies that could be used to avoid trade restrictions. They increased attacks on exchanges in South Korea and related sites, according to a report from security researcher FireEye Inc.
“For South Korea, these targeted attacks from North Korea are not new. South Korea has relatively strong cyber security, but it faces an adversary with a significant asymmetric advantage,” says Bryce Boland, chief technology officer for the Asia-Pacific region at FireEye. “North Korea has little connectivity and relatively limited reliance on technology, making it less vulnerable to attacks.”
FireEye said on its website that hackers likely affiliated with North Korea sent phishing emails to US electric companies for “reconnaissance” and that the security firm was able to stop them before any disruption in the power supply.