Partly for work, partly for personal interest, I’ve been following reports on North Korea’s efforts in cyberspace, including a cyber-attack on Korea University, an attack on the South’s agriculture bank and cooperative, Nonghyup, and speculation that Kim Jeong-Eun was behind at least some of the cyber attacks prior to taking over the country in December upon the death of his father.
U.S. defense officials are also tracking North Korea’s cyber activities, saying in testimony on Capitol Hill today that the North has added “sophisticated cyber attack capabilities” that mark “a skilled team of hackers” as the newest addition to North Korea’s arsenal.
Given the limited ability to definitively trace and prove the origin of cyber attacks, I’m not sure how these new capabilities fit in with the North’s unique method of international relations. A method whereby the North intentionally creates and escalates international tension, before trading away a reduction in those tensions in return for aid from China, South Korea, and elsewhere. If cyber attacks can’t be traced to the North, how can the North use them as a bargaining chip?
Instead, the new cyber capabilities appear to be exactly what they were called on the Hill today – military weapons. The North will likely continue to expand and hone its cyber capabilities, including attacks on outside countries, viewing them as a cheap, domestically-produced alternative to weapons purchased from Russia or China. A weapon capable of use with far less backlash, or evidence, than shelling South Korean islands or torpedoing South Korean warships. These new cyber assets are less about generating aid than about improving military capabilities in a cost-effective, easily testable, relatively safe manner.
After all, which is easier, cheaper, and offers less potential blowback – building and testing a missile that can threaten the U.S., or developing a cyber capability that can accomplish the same thing?