North Korea’s shadowy hacking army is back in the spotlight.
A congressional hearing, new legislation and South Korean President Park Geun-hye’s visit are bringing renewed attention to Pyongyang’s cyber program, nearly a year after the once tech-averse state was blamed for a destructive cyberattack on Sony Pictures Entertainment.
The Obama administration and lawmakers are looking to South Korea to help thwart Pyongyang’s attempts to transition from digital vandal to digital warrior.
“Given the increasing cyber threats to both our nations, including from the Democratic People’s Republic of Korea, we are stepping up our efforts to increase our cyber defenses,” President Obama said during a joint press conference with Park on Friday, referring to North Korea by its alternate name.
The topic has also been on the minds of lawmakers in recent weeks, with new legislation that would require the White House to develop a strategy to counter North Korean hackers.
“We can’t go any longer without a serious plan to deal with this threat,” said Sen. Cory GardnerCory GardnerThe Hill's 12:30 Report Schumer: GOP plan to make Warren the face of Dems 'not going to work' A guide to the committees: Senate MORE (R-Colo.), who chairs a subcommittee on East Asia and cybersecurity and introduced the bill with Sens. Jim RischJim RischA guide to the committees: Senate Ryan tries to save tax plan Senate GOP votes to silence Warren after speech against Sessions MORE (R-Idaho) and Marco RubioMarco RubioTHE MEMO: Trump takes the fight to Congress Rubio says town halls designed for people to 'heckle and scream' At CPAC, Trump lashes out at media MORE (R-Fla.). “It’s time to get serious.”
These lawmakers saw Friday’s visit as an ideal place for Obama to start.
“Like the United States, South Korea has suffered damaging cyberattacks against targets of strategic and commercial importance,” Rubio, who is running for president, said ahead of the meeting.
“President Obama should seek closer cooperation with South Korea in coordinating an international response to such attacks.”
Washington and Seoul have been working to strengthen their joint cybersecurity efforts for some time. During Secretary of State John KerryJohn KerryNew York Knicks owner gave 0K to pro-Trump group A bold, common sense UN move for the Trump administration Former Obama officials say Netanyahu turned down secret peace deal: AP MORE’s visit to the South Korean capital in May, the two countries pledged to tighten “cooperation on a range of new frontiers that will help define the 21st century, including science and technology, space exploration, cyber issues,” Kerry said.
But lawmakers, experts and many in the administration itself believe Obama must go further with South Korea to fully stymie Pyongyang.
Although little is known about North Korea’s hacking abilities, experts are cautioning not to underestimate the mercurial regime.
“This is half guesswork,” said Victor Cha, Korea chair at the Center for Strategic and International Studies (CSIS). “But we cannot discount the idea that they're building this capability not just to pester people, but eventually to integrate it into some type of asymmetric military strategy.”
Few hard numbers exist on how many cyber soldiers North Korea has developed. Reports put it somewhere in the low thousands, although those estimates may be significantly outdated.
What is known is that in a country with fewer IP addresses than a city block in New York and less Internet traffic than the 3,000-person Falkland Islands, Pyongyang has nonetheless focused its limited resources on developing elite digital warriors.
The country’s advancements have been on display in a variety of increasingly severe hacks over the years, mostly targeting South Korea.
Seoul blames North Korea for at least six notable cyberattacks since 2007. The digital assaults have wiped out hard drives, frozen banking systems and blocked access to websites. One of the more severe attacks took out a South Korean bank’s online services for more than two weeks, The Associated Press reported.
More recently, a string of North Korean cyberattacks targeted South Korean media companies, defacing their websites. And just this month, a South Korean legislator said the North was likely behind a months-long hack of Seoul’s subway system last year.
“What they’re doing now is more small and commercial based,” said Cha.
But perhaps the most concerning sign came last December, when suspected North Korean hackers infiltrated one of the South's nuclear power plants. The intruders disrupted important computer networks, but didn’t harm the reactors or make off with any critical data.
Pyongyang officials, Cha explained, want to “basically use their capabilities to disrupt the peaceful status quo.”
But researchers at CSIS see evidence of a looming military shift. The organization recently briefed the administration and Congress on its findings about Pyongyang's cyber program.
North Korea can’t match the U.S. and South Korea “tank for tank,” Cha said. Cyber prowess would give the country a way to punch above its weight class.
It could allow Pyongyang “to disable missile defense systems,” Cha explained, “to blind [the U.S.] and make it difficult to communicate.”
Cha estimates North Korea is decades, not months or years, away from having this capacity.
Still, he cautioned, “I don’t want to be alarmist, but we shouldn’t underestimate their capabilities to move quickly in doing this.”
Some lawmakers are concerned that the White House is, in fact, underestimating the North Korean cyber threat.
Distracted by China’s alleged massive cyber campaign to pilfer hundreds of millions of dollars in American corporate secrets, the Obama administration has been mostly quiet on the North Korean threat since imposing economic sanctions in the wake of the Sony hack.
“The sanctions against North Korea are of limited utility since we don’t have much commerce [with the country],” Rep. Adam SchiffAdam SchiffA guide to the committees: House New national security adviser pick marks big change on Russia Trump’s feud with the press in the spotlight MORE (D-Calif.), the House Intelligence Committee’s top Democrat, told The Hill.
“I do think we need a strategy in dealing with North Korea,” he added.
The Gardner-Risch-Rubio bill would both codify Obama’s North Korean sanctions, and also require the White House to develop a longer-term strategy.
“It’s time to immediately reverse course and begin applying more pressure to the North Korean regime,” Gardner said at a Senate Foreign Relations subcommittee's hearingearlier this month.
South Korea would invariably be a vital part of this strategy, agreed experts and lawmakers.
“The more we can collaborate and align our activities and our response to hacking, the better off we will be,” Rep. Jim Langevin (D-R.I.), who co-chairs the Congressional Cybersecurity Caucus, told The Hill. “I’d like to see more international rules of the road established, either joint agreements country-by-country, or broad international agreements.
“I see the South Koreans as a partner in that,” Langevin added.
Obama echoed this sentiment following an Oval Office meeting with Park and several U.S. national security officials, including Defense Secretary Ash Carter and National Security Advisor Susan Rice.
The White House and the Blue House, South Korea’s executive office, will establish a “cyber coordination channel” to make sure “we are in sync” in combating cyber threats, Obama said.
The two administrations also issued a long list of cyber pledges, committing both sides to joint cyber military operations, collaborative cybersecurity research and the side-by-side development of international cyber norms.
“Our alliance remains a linchpin of peace and security not just on the Korean Peninsula, but across the region, and so South Korea plays a central role in America's rebalance to the Asia-Pacific, and we continued that work today,” Obama said.