Kim Jong Un has quietly built a 7,000-man cyber army that gives North Korea an edge nuclear weapons don't
North Korean leader Kim Jong Un at a military parade marking the 70th anniversary of the establishment of the Korean People's Army in Pyongyang in this photo, released on February 9, 2018 by the Korean Central News Agency in Korea.
North Korea has a cyber army of approximately 7,000 men trained to find secrets, disrupt critical infrastructure, and steal money to avoid sanctions.
These cyber attacks are often difficult to attribute to North Korea because they are launched from countries like China and Russia, and a counterattack is almost impossible because of North Korea's rudimentary internet.
North Korea's likely next targets are critical US infrastructure such as power plants, dams, and power grids.
North Korea's state-sponsored hack of Sony Pictures in 2014 over the film "The Interview" was extremely embarrassing for Sony. However, according to Daniel Russel, vice president of international security and diplomacy at the Asia Society Policy Institute, this was just the tip of the iceberg.
Russel, a former Deputy Secretary of State for East Asian and Pacific Affairs, recently spoke to Insider about the threat posed by the North Korean hacking army, how it supports the North Korean nuclear program, and what the future holds if the United States does not accept the threat.
Insider: When did this cyber army start?
Daniel Russel: The North Korean cyber operation, which has been documented by many cybersecurity companies, lists this main group as from around 2010. However, this gives the impression that we know much more about cyber activities in North Korea than I think we really do.
North Korea has grown and invested in an elite cyber force under the control of its military, the Korean People's Army and the General Intelligence Agency - Kim Jong Un's secret security apparatus. It is estimated that there are approximately 7,000 people who are fairly well educated, both in special domestic programs in North Korea and in parts of their universities.
In other cases, they appear to be trained in China or Russia. Quite a few of them are spread across China, Russia and some in India. They use other countries as a platform and to carry out their various cyber activities, as North Korea has its own internal internet or intranet system to prevent North Koreans from accessing information from the rest of the world, but above all to prevent the rest of the world from getting on.
This makes it very difficult to get a definitive attribution that the attack came from North Korea and increases the risk that China or Russia will get the blame. It also makes it more difficult for services in countries like the United States to take revenge because you run the risk of taking revenge against China or Russia for something that is actually designed and carried out by the North Koreans.
Insider: How do we determine that these attacks are actually being carried out by North Korean actors?
US homeland security officers at a briefing accusing North Korea of triggering the so-called WannaCry cyberattack in the White House on December 19, 2017.
Russel: You are dealing with technical areas for which I am spectacularly unqualified because I am not a digital or cyber expert. But the people who are real experts, Mandiant, FireEye or CrowdStrike or the CIA or the NIS, South Korea's secret service, have a very sophisticated ability to do forensic detective work in the cyber realm. In many cases, they can identify patterns, code, servers, and the like to trace things back to North Korea.
These companies publish a worldwide report on cyber threats annually. They track and classify all of these various important hacking operations. They call them Advanced Persistent Threats, APT. North Korea is hosting something they call APT38 - or the Lazarus Group, Guardians of Peace or Hidden Cobra. These are types of code names. APT38 is number one on the list of global cyber threats.
In some cases, North Korea directly requested credit for a cyber attack. In addition, Kim Jong Un and the Korean Workers' Party have increasingly talked openly and directly about their cyber ability.
They now use the same vocabulary for cyber as for their nuclear weapons. They call it "a multi-purpose sword that guarantees our ability to hit relentlessly".
Insider: You called the Sony hack "chicken shit". Can you tell me what major projects there are?
Movie posters for the film "The Interview" at the theater of the Ace Hotel in Los Angeles, December 11, 2014.
Russel: You could divide it into three categories: espionage; sanctions evasion by cyber theft; and harassment, interference, and retribution - the Sony hack was an example.
A key use of cyber for North Korea is theft of secrets. CrowdStrike has documented a lot, but it is the US government and foreign governments that are paying close attention.
In 2016, APT38 stole approximately 40,000 defense documents with information about F-16 fighters and drones from South Korean contractors. It is also believed that North Korea stole a PowerPoint summary of the U.S. military's top-secret operational plan called Op Plan 5027, which is the war plan for the United States.
Second is the cyber theft category. In March, the Justice Department unveiled charges accusing some Chinese and North Korean nationals of laundering $ 100 million for North Korean nuclear activities. This indictment makes it clear that the money these people laundered was part of a $ 250 million theft in North Korea in a cyber attack on a global cryptocurrency exchange. So this is not just imaginary stuff.
Cyber theft effectively neutralizes United Nations and United States sanctions against North Korea. If North Korea is denied a billion dollars for the sale of coal, iron and mushrooms, but can steal a billion dollars, the sanctions will not have the intended effect.
Although the government is very proud of its efforts to maintain sanctions against North Korea, this is an immense gap and it will not only buy the chic Mercedes we saw Kim Jong Un driving around in with Donald Trump in Hanoi. This money is used to finance North Korea's nuclear weapons and ICBM programs. We pay for the threat against us.
At the top end, it may be a devastating destruction of critical infrastructure in the U.S., Japan, and South Korea.
The WannaCry virus was ransomware; one might argue that the aim is to get money, but it has caused a major disruption to hospitals in the UK and possibly in more than 100 other countries where they spread the ransomware. This was software that brought the operation of critical facilities to a standstill.
This is not hacking; this is cyber warfare.
Cyber weapons balance the competitive environment for North Korea in a way that nuclear weapons cannot. The United States, China, and Russia not only have far more nuclear weapons than North Korea, but a nuclear weapon is all or nothing.
Cyber warfare has a completely different risk-return calculation. It is an inexpensive, asymmetrical, relatively low-risk weapon system. And the United States is the most vulnerable country on planet Earth to disruptive cyber attacks.
Most American infrastructure was built in the pre-digital age - energy networks and the Hoover Dam. They are retrofitted with MacGyver-style provisional Internet connections, as opposed to a new infrastructure that incorporates digital security measures. So you have someone who starts their router, like with one of those old "you have email" connections.
The US has a lot of it, number one. About 80% of America's critical infrastructure is privately owned. Who pays for upgrading the power plant? Who pays for upgrading air traffic control systems? Who will pay to upgrade the rail systems and the mobile network? Good luck that these private companies sell their shareholders by investing billions of dollars in upgrades.
If it's bad now, imagine what 5G and the Internet of Things will look like. New interconnectivity opens up new opportunities for malicious cyberattacks, and you'll wake up one morning to find that your toaster is ready to kill you thanks to Kim Jong Un.
Insider: Are there other ways that this cyber army can be innovative?
North Korean leader Kim Jong Un receives applause when he leads the multi-missile launch exercise for women's sub-units under KPA unit 851 in this undated photo, which was published on April 24, 2014 by the Korean Central News Agency (KCNA) in North Korea.
Russel: I think the new threat that we're completely unprepared for is less a technical innovation than a strategic one. We can see that North Korea is exercising its ability to shut down and threaten an entire American city or facility in the United States, which is critical to our economy, our security, and our national security.
This cyber ability to take not just a bank hostage but a nation hostage will be North Korea's next-generation weapon of mass destruction.
There is no big bang. There is no missile that can be fired on the launchpad, and because North Korea's own internet or intranet system is so difficult to access, direct retaliation or preventive cyber defense may not be possible. We have to sprint now to get ready because we can see what is very likely to come.
Insider: What are we doing at the national level and to support our allies against these types of attacks?
South Koreans burned portraits of former North Korean leader Kim Jong Il and current leader Kim Jong Un after a cyber attack in 2009.
Russel: I'm sure there are many cyber defense initiatives and programs through the Department of Defense, the FBI, the Department of Homeland and National Security, the CIA, etc. - some with Five Eyes' intelligence partners, some with different allies, and then NATO has a program. USA, Japan, South Korea have programs. But I am not so current where it is now and how well developed they are, and that is only part of it.
I firmly believe that this is not a priority for the Trump administration.
Donald Trump was ready to accept his best friend Kim Jong Un's word that North Korea has no intention of threatening the United States. He turned a blind eye when North Korea violated UN sanctions by firing medium-range ballistic missiles into the Japanese Sea.
Because North Korea is so heavily dependent on China, not just for cyber, but in the case of cyber, access to servers, its pipelines, etc., it would be vital for the United States to develop some level of cooperation with China on North Korea's offensive cyber threat.
Obviously, we would have to do a lot more on the diplomatic side to offer North Korea an international united front that would make it difficult to find those cyber platforms that can be used against us.
A cartoon of Kim Jong Il's son Kim Jong Un, who is bleeding from North Korea's official YouTube account, on a computer screen in Seoul, January 9, 2011.
The United States must launch a crash campaign to improve critical infrastructure defense. It is not a secret. There are many warnings from the US intelligence community and cyber security companies. But as far as I know, the United States has no cyber tsar.
In my opinion, the most important thing is deterrence. Deterrence means convincing the other side that the consequences of an attack are sufficiently certain and that the United States' ability is proven so well that the risk is too high.
The fact is that North Korea has been successful in so many of these cyber attacks and has received a passport from the Trump administration so that it continues to build ICBMs. It continues to develop other weapons.
The United States has withdrawn to joint military exercises with South Korea. The US is in the middle of a grudge game with South Korea over the cost of deploying American troops. The US is in the middle of a demolition derby with China. It contradicts so many countries that have historically been American partners.
What North Korea sees in the United States doesn't scare you.
This interview was edited and condensed.
Read the original article on Business Insider.