The main trends in the development of telecommunication technologies determine the continuous increase in the dependence of modern society on transnational network resources. The global information space consists of personalities as well as resources of civilian and military infrastructure. At the same time, today there is practically no legal regulation in this sphere. This situation creates ideal conditions for the work of “computer burglars” – the well-known hackers. Despite the constant perfection of means of protection, it is extremely difficult to trace and almost impossible to prosecute “cyber criminals”. At the same time, their activities do not require large financial costs, and the results of their actions bring significant dividends.
Traditionally, the leading positions in the field of “cyber war” are occupied by the United States, China, Russia and Israel. However, recently there are new strong players namely Iran, India and North Korea.
Becoming increasingly aware of the advantages of “cyber influence”, Pyongyang considers it as an important element of its national policy “Songun” (“Army in the first place”) along with the Missile Programme. The North Korean leadership pays considerable attention to the training of specialists in the field of computer technology, and creates attractive conditions for their subsequent job placement. The most promising candidates are sent to study in specialized educational institutions of China and Iran. According to experts on the issues of information security, the modern “cyber army” of North Korea is characterized by high professionalism and bellicosity. Chris Inglis, former Deputy Director of the US National Security Agency (NSA) called the cyber programme of Pyongyang “one of the most effective on the planet, because it allows to achieve the goals at minimal cost.”
Despite the absence of direct evidence, the media and intelligence agencies are now ascribing a large number of resonant “cyber-attacks” to North Korean hackers. In analyzing these incidents, it is possible to distinguish the main goals of Pyongyang in the “cyber space”. First of all, the numerous implementations in the network of financial institutions are a source of income for the sanction-stricken country.
In addition, North Korean hackers make a significant contribution to the development of the national military-industrial complex by stealing military technology. Another important area of activity of specialists from the DPRK is the collection of personal information about individuals, personnel of the armed forces and the plans of the military and political leadership of its main opponents, that is to say the United States and South Korea. The recent attacks made by using the WannaCry virus have shown that Pyongyang has the ability to disable the civil and possibly the military infrastructure. Special emphasis is given to strengthening the image of the state and its leader. According to the FBI, this was the reason for hacking the servers of the Sony Pictures film studio.
It should be noted that the DPRK’s activities in “cyber space” reflect asymmetries and the ability to mask its actions. The first feature is based on the isolation of the state from the Internet, which allows to reduce significantly the likelihood of retaliatory “cyber strike”. Thus, according to the British newspaper The Guardian, the attempt to use the Stuxnet virus to attack the units of the DPRK’s nuclear complex in May 2015 ended in failure. In turn, the disguise is implemented through access to the global network from the territory of other countries. The American edition of “Business Insider”, citing experts on “cyber security” and intelligence reports, claims that a significant part of North Korean hackers are deployed in the Chinese hotel “Chilbosan”, in Shenyang city. The company Recorder Future, specializing in the field of information security, notes that North Korean experts also have access to the Internet from the territory or through servers originating in India, Malaysia, New Zealand, Nepal, Kenya, Mozambique and Indonesia. In addition, Pyongyang often resorts to the so-called “operations under another’s flag”. In particular, attacks are disguised as actions of Russian or Chinese hackers. The effectiveness of this approach is achieved through the fact that these countries are traditionally considered by the West as the main threats in the “cyber space”.
It is extremely difficult to assess the real potential of the “cyber army” of the DPRK. Suffices to say that intelligence services and analysts of IT companies do not have a clear idea of its composition, size and management system. At different periods of time, the data on personnel varied from fifty to 17,000 employees. This most relevant piece of information was published in the New York Times. Referring to the assessment of the US and British intelligence services, the report cites that the Korean People’s Army (KPA) has more than 6,000 hackers. At the same time, most of them are outside the country.
However, regardless of the number of specialized structures of the DPRK, the North Korean “cyber threat” is real and causes all sorts of fears around the world. Analysts of the largest IT companies, specialists in the field of information security and anti-virus protection, representatives of intelligence and defence agencies of the United States and European countries agree on the view that Pyongyang significantly increased its potential of in the field of information influence. They also converge in the assessment that there is a low degree of protection against such attacks. According to Robert Silvers, former employee of the Ministry of Homeland Security of the United States: while the world focuses on the nuclear programme of Kim Jong-Un, the North Korean leader develops the potential of weapons capable of inflicting significant damage to the US “without a single rocket launch”.
Now, the specialists are left to wonder what will be the next target of DPRK’s “cyber armу”. Despite some “warming of relations” between Pyongyang and Seoul, it is still untimely to talk about the readiness of the North Korean government to finally make peace with its southern neighbor. At the same time, there is no confidence in the sincerity of Washington’s statements regarding US support for the process of de-escalation of tensions on the Korean Peninsula. Therefore, we are set to expect that North Korean ‘experts’ continue to look for vulnerabilities in the network infrastructures of their opponents. McAfee, the US developer of anti – virus software spread an alarming message. According to its data, hackers from North Korea carried out the hacking attempts on the databases of the organizers of the Winter Olympics in South Korea’s Pyeongchang. It is not known whether this was a gathering of information or a preparation for the disabling of Olympic infrastructure facilities. In any case, one should admit the truth of Robert Silvers’ words: the world fails to notice the real threat behind the imaginary “nuclear deterrent “.