Peering into North Korea’s Future: the Cyber Angle

Looking out over the DMZ into the drab proto-industrial North Korean villages along the border.

With the death of North Korean dictator and “Dear Leader” Kim Jong Il, I join the rest of the world in welcoming this early Christmas gift… at least I hope that it proves to be so.

Egypt’s Mubarak is gone but the country is less stable; post-Qadhafi Libya’s political course is still an open question. So uncertainty is the only safe prediction about North Korea’s near-term political environment. But no nation’s people have endured such unrelenting deprivations (mass starvation, no fuel) for so long in the post-World War II era.

I have no special insight into North Korea’s future. My only DMZ visit on the Peninsula, with a close-up look at Panmunjeom and beyond it “the last Stalinist state on earth,” was in 2006 (see my photos and observations here).

But I have noted the Western-education background (and apparently technologically-intensive current activities) of “The Great Successor,” Kim’s son Kim Jong-Un. One can understand the intense focus which Western governments have trained on the younger Kim’s background and activities, for any clues into his plans – and the plans of those who surround him, or potentially could rival him.

Only a year ago, in October 2010 SCIENCE Magazine published a short but interesting story on Kim Jong-Un, asking “Will Korea’s Computer-Savvy Crown Prince Embrace Reform?”

According to internal North Korean propaganda, informants claim, Kim oversees a cyberwarfare unit that launched a sophisticated denial-of-service attack on South Korean and U.S. government Web sites in July 2009. South Korea’s National Intelligence Service blamed the North, which has not commented publicly on the attack. Kim Jong Un’s involvement cannot be confirmed, says computer scientist Kim Heung-Kwang, founder of North Korea Intellectuals Solidarity, a group of university-educated defectors that raises awareness of conditions in the North… But it’s plausible: Kim claims that Kim Jong Un was tutored privately by a ‘brilliant’ graduate of Universite Paris X who chaired the computer science department at Kim Chaek University of Technology in Pyongyang before disappearing from public view in the early 1980s.” [emphasis added]

To get a feel for how the North’s military has gone about organizing for cyber activities, the best unclassified source I know of remains Christopher Brown’s 2004 Naval Postgraduate School thesis “Developing a Reliable Methodology for Assessing the Computer Network Operations Threat of North Korea.” Brown wrote, by the way, that his thesis was an attempt “to prove that a useful methodology for assessing the CNO capabilities and limitations of North Korea can be developed using only open source information” (emphasis added). Brown also wrote about the early personal role of Kim Jong Il’s eldest son Kim Jong Nam in establishing the priority of computer network operations among military activities (Nam once headed a North Korean intelligence agency, though in recent years he dissipated into a South-Park-like role as a casino-loving playboy).

More recently, there’s information on North Korea’s cyber hacking military units here, where StrategyPage.com concluded (in 2009) that “North Korea is something of a museum of Stalinist techniques. But it’s doubtful that their Internet experts are flexible and innovative enough to be a real threat.”

The contrary view, with a heightened state of alarm about North Korea’s capabilities and intentions, runs through Richard Clarke’s 2010 book Cyber War, where he recounts breathlessly the Soviet-Olympic-style recruitment of “elite students at the elementary-school level to be groomed as future hackers.” In a publicity interview for the book, Clarke told Forbes magazine: “if you ask who’s the biggest threat in the sense that they might use their abilities, it might be North Korea. First, they’re crazy, and second, they have nothing to lose.”  Even China’s People’s Daily English-language version carried a dire summary in December 2010 of North Korea’s aggressive cyber intentions, “Cyber Attack from Pyongyang: South Korea’s Nightmare?”

I hope and expect that cyber activities will not be the immediate focus of the new post-Kim Jong Il leader. Certainly regime transition and  consolidation of authority is the first priority. So far, two days after the actual death, we’re seeing a mannered roll-out of news and propaganda consistent with the clockwork transition from “Great Leader” Kim Il-Sung to his own son in 1994.

Everyone’s watching….

My stroll over to the far side of the famous Demilitarized Zone (DMZ) table, where I was testing the patience of the MP breathing down my neck.

A few words about a few great Pentagon leaders

I was thinking about the Pentagon over the long weekend – appropos, given the Memorial Day celebration. But my thoughts were also sparked by viewing a 9/11 documentary, reviving all the memories of that dark day’s attacks on New York and Washington – which ultimately led to my joining the ranks of defense intelligence for a while.

Continue reading →

A Roadmap for Innovation – from Center or the Edge?

Fact:   In marking its five-year anniversary earlier this month, the Department of Homeland Security released a fact sheet touting the department’s accomplishments in that time, including “establish[ing] the Computer Emergency Readiness Team (US-CERT) to provide a 24-hour watch, warning, and response operations center, which in 2007 issued over 200 actionable alerts on cyber security vulnerabilities or incidents. US-CERT developed the EINSTEIN intrusion detection program, which collects, analyzes, and shares computer security information across the federal civilian government. EINSTEIN is currently deployed at 15 federal agencies, including DHS, and plans are in place to expand the program to all federal departments and agencies.”

Analysis:  I’m not going to write, in this post at least, about US-CERT and EINSTEIN in particular. I will point out that some writers have been skeptical of “Big DHS” progress on cyber security up to now, and the anniversary was an occasion for much cynical commentary. 

Charles Cooper in his popular Coop’s Corner blog on CNet wrote that “when it comes to network security, DHS appears to be more of a wet noodle than even its sharpest critics assumed… Talk with security consultants and former government officials involved with DHS and you come away wondering what these folks do all day.”

Continue reading →

War-Zone Tourist

Looking out over the DMZ into the drab proto-industrial North Korean villages along the border.

"So, picture yourself looking through MacArthur’s aviator glasses…"

Our DMZ guide, an Australian Defence Forces officer serving in the United Nations Peacekeeping Mission, would be great at shadow puppets.