(CNN)US President Donald Trump and North Korean leader Kim Jong Un pledged to develop a new US-North Korea relationship during their historic summit in Singapore, but that won’t be possible as long as Pyongyang continues to use cyberattacks against the United States and its allies.
Each day, South Korea is believed to face an average of 1.5 million cyberattacks
from North Korea, and a team of the country’s hackers known as the Lazarus Group are believed to be the second-most active hacking operation in the world.
North Korea’s technical sophistication has grown to the extent that North Korean coders have ranked among the best in the world in international competitions
, allowing the regime to expanded beyond cyberattacks into the sale of facial recognition software
, virtual private networks and encryption software to help generate revenue. Those transactions are usually conducted by front companies to help Pyongyang skirt United Nations sanctions.
North Korea has pursued these capabilities to address specific challenges confronting the regime. Pyongyang faces a significant military gap with its neighbors and cyber capabilities provide an inexpensive way to level the playing field against more powerful states. Hacking and cyber attacks are anonymous enough that they give North Korea a degree of deniability.
And North Korea’s lack of connectivity gives the regime an asymmetrical advantage against more wired states, specifically the United States and South Korea, if they were to try to retaliate with cyberattacks of their own.
A three-pronged strategy
The development of North Korea’s cyber capabilities has allowed it to pursue a three-pronged strategy: engage in traditional espionage activities, earn money and provide the regime with a tool to deter its adversaries.
We can see elements of each objective in North Korea’s cyber activities.
The attack on Sony Pictures over “The Interview” in 2014
was designed to intimidate Sony and other studios. We saw that strategy succeed with Sony’s decision to pull the movie from theaters and the cancelation of Steve Carell’s North Korea-themed movie
The North has also engaged in espionage against South Korea. Attacks on South Korea’s Ministry of Defense and military contractors resulted in the loss of a large number of classified documents
, including partial wartime operations plans, and blueprints for a naval warship from Daewoo Shipbuilding and Marine Engineering.
Hacking has also been especially helpful to North Korea as a means to evade sanctions
and earn much-needed hard currency.
North Korea has gone after traditional banks, including the cyberheist of $81 million from Bangladesh’s central bank
, but more recently it’s turning to cryptocurrencies.
The anonymous nature of cryptocurrency allows the regime to avoid detection. Estimates indicate North Korea has hacked over 100 banks and cryptocurrency exchanges and to have successfully stolen $650 million
, including the $530 million heist from Coincheck earlier this year
No change from the North
The recent effort at détente with the United States and South Korea seems to have had little effect on North Korean behavior online.
Pyongyang is suspected of exploiting anti-terrorism drills
by the South Korean National Counter-Terrorism Council in preparation for the Olympic Games to spread malware, while Cisco Systems recently revealed
that a group tied to North Korea tried to use diplomatic summits as bait to install malware on South Korean computers.
That sort of behavior could prove to be the undoing of any agreement with North Korea regarding its nuclear weapons or ballistic missiles.
Much as the failure to address Iran’s ballistic missile and alleged terrorist activities undermined support for the Iran nuclear deal, failure to address North Korea’s cyber activities could undermine a nuclear agreement with Pyongyang.
The best way to manage this would be to negotiate a cyber accord with North Korea that delineates what cyber activities would not be acceptable.
Any agreement should be built around a set of principles that limit North Korea’s cyber activities and move Pyongyang away from criminal behavior as opposed to more traditional espionage type activities in which many states engage.
Among these, North Korea should agree to refrain from using cyberattacks as a form of retaliation against legal activities taken by private citizens and corporations.
Second, North Korea should end its attacks on the global financial system and refrain from resorting to cyber theft to steal hard currency.
Third, North Korea should agree that it will not support the theft of corporate intellectual property for competitive advantage or to sell to others for profit, as Washington and Beijing did in their cyber agreement
Lastly, North Korea should agree to not sell or provide its hacking services or software to third parties seeking to engage in the type of activities it has agreed not to engage in.
While North Korea’s nuclear weapons and ballistic missiles represent a future threat to the United States, North Korea is already using cyberattacks against the United States and its allies. An accord that limited North Korea’s cyber behavior to certain activities would help to support any nuclear agreement and to remove one more area of contention between the United States and North Korea.
Read more: https://www.cnn.com/2018/06/27/opinions/united-states-cyber-accord-north-korea-intl/index.html