Obama seeks allies in cyber fight with North Korea

Obama seeks allies in cyber fight with North Korea
© Getty Images

North Korea’s shadowy hacking army is back in the spotlight.

A congressional hearing, new legislation and South Korean President Park Geun-hye’s visit are bringing renewed attention to Pyongyang’s cyber program, nearly a year after the once tech-averse state was blamed for a destructive cyberattack on Sony Pictures Entertainment.

The Obama administration and lawmakers are looking to South Korea to help thwart Pyongyang’s attempts to transition from digital vandal to digital warrior.


The country’s limited, but quickly expanding cyber capabilities were a major conversation point during Park’s White House visit on Friday.

“Given the increasing cyber threats to both our nations, including from the Democratic People’s Republic of Korea, we are stepping up our efforts to increase our cyber defenses,” President Obama said during a joint press conference with Park on Friday, referring to North Korea by its alternate name.

The topic has also been on the minds of lawmakers in recent weeks, with new legislation that would require the White House to develop a strategy to counter North Korean hackers.

“We can’t go any longer without a serious plan to deal with this threat,” said Sen. Cory GardnerCory Scott GardnerTrump angry more Republicans haven't defended his tweets: report The Hill's Morning Report - A raucous debate on race ends with Trump admonishment Republicans scramble to contain Trump fallout MORE (R-Colo.), who chairs a subcommittee on East Asia and cybersecurity and introduced the bill with Sens. Jim RischJames (Jim) Elroy RischOvernight Defense: House votes to block Trump arms sales to Saudis, setting up likely veto | US officially kicks Turkey out of F-35 program | Pentagon sending 2,100 more troops to border House votes to block Trump's Saudi arms sale Senate approves long-delayed tax treaties in win for business MORE (R-Idaho) and Marco RubioMarco Antonio RubioTrump may intervene in Pentagon cloud-computing contract: report Trump administration denies temporary immigrant status to Venezuelans in US Colombian official urges more help for Venezuelan migrants MORE (R-Fla.). “It’s time to get serious.”

These lawmakers saw Friday’s visit as an ideal place for Obama to start.

“Like the United States, South Korea has suffered damaging cyberattacks against targets of strategic and commercial importance,” Rubio, who is running for president, said ahead of the meeting.

“President Obama should seek closer cooperation with South Korea in coordinating an international response to such attacks.”

Washington and Seoul have been working to strengthen their joint cybersecurity efforts for some time. During Secretary of State John KerryJohn Forbes KerrySchumer to donate Epstein campaign contributions to groups fighting sexual violence Trump threatens Iran with increased sanctions after country exceeds uranium enrichment cap The 'invisible primary' has begun MORE’s visit to the South Korean capital in May, the two countries pledged to tighten “cooperation on a range of new frontiers that will help define the 21st century, including science and technology, space exploration, cyber issues,” Kerry said.

But lawmakers, experts and many in the administration itself believe Obama must go further with South Korea to fully stymie Pyongyang.

Although little is known about North Korea’s hacking abilities, experts are cautioning not to underestimate the mercurial regime.

“This is half guesswork,” said Victor Cha, Korea chair at the Center for Strategic and International Studies (CSIS). “But we cannot discount the idea that they're building this capability not just to pester people, but eventually to integrate it into some type of asymmetric military strategy.”

Few hard numbers exist on how many cyber soldiers North Korea has developed. Reports put it somewhere in the low thousands, although those estimates may be significantly outdated.

What is known is that in a country with fewer IP addresses than a city block in New York and less Internet traffic than the 3,000-person Falkland Islands, Pyongyang has nonetheless focused its limited resources on developing elite digital warriors.

The country’s advancements have been on display in a variety of increasingly severe hacks over the years, mostly targeting South Korea.

Seoul blames North Korea for at least six notable cyberattacks since 2007. The digital assaults have wiped out hard drives, frozen banking systems and blocked access to websites. One of the more severe attacks took out a South Korean bank’s online services for more than two weeks, The Associated Press reported.

More recently, a string of North Korean cyberattacks targeted South Korean media companies, defacing their websites. And just this month, a South Korean legislator said the North was likely behind a months-long hack of Seoul’s subway system last year.

“What they’re doing now is more small and commercial based,” said Cha.

But perhaps the most concerning sign came last December, when suspected North Korean hackers infiltrated one of the South's nuclear power plants. The intruders disrupted important computer networks, but didn’t harm the reactors or make off with any critical data.

Pyongyang officials, Cha explained, want to “basically use their capabilities to disrupt the peaceful status quo.”

But researchers at CSIS see evidence of a looming military shift. The organization recently briefed the administration and Congress on its findings about Pyongyang's cyber program.

North Korea can’t match the U.S. and South Korea “tank for tank,” Cha said. Cyber prowess would give the country a way to punch above its weight class.

It could allow Pyongyang “to disable missile defense systems,” Cha explained, “to blind [the U.S.] and make it difficult to communicate.”

Cha estimates North Korea is decades, not months or years, away from having this capacity.

Still, he cautioned, “I don’t want to be alarmist, but we shouldn’t underestimate their capabilities to move quickly in doing this.”

Some lawmakers are concerned that the White House is, in fact, underestimating the North Korean cyber threat.

Distracted by China’s alleged massive cyber campaign to pilfer hundreds of millions of dollars in American corporate secrets, the Obama administration has been mostly quiet on the North Korean threat since imposing economic sanctions in the wake of the Sony hack.

“The sanctions against North Korea are of limited utility since we don’t have much commerce [with the country],” Rep. Adam SchiffAdam Bennett SchiffHouse passes annual intelligence bill Judge finds Stone violated gag order, blocks him from using social media The peculiar priorities of Adam Schiff MORE (D-Calif.), the House Intelligence Committee’s top Democrat, told The Hill.

“I do think we need a strategy in dealing with North Korea,” he added.

The Gardner-Risch-Rubio bill would both codify Obama’s North Korean sanctions, and also require the White House to develop a longer-term strategy.

“It’s time to immediately reverse course and begin applying more pressure to the North Korean regime,” Gardner said at a Senate Foreign Relations subcommittee's hearingearlier this month.

South Korea would invariably be a vital part of this strategy, agreed experts and lawmakers.

“The more we can collaborate and align our activities and our response to hacking, the better off we will be,” Rep. Jim Langevin (D-R.I.), who co-chairs the Congressional Cybersecurity Caucus, told The Hill. “I’d like to see more international rules of the road established, either joint agreements country-by-country, or broad international agreements.

“I see the South Koreans as a partner in that,” Langevin added.

Obama echoed this sentiment following an Oval Office meeting with Park and several U.S. national security officials, including Defense Secretary Ash Carter and National Security Advisor Susan Rice.

The White House and the Blue House, South Korea’s executive office, will establish a “cyber coordination channel” to make sure “we are in sync” in combating cyber threats, Obama said.

The two administrations also issued a long list of cyber pledges, committing both sides to joint cyber military operations, collaborative cybersecurity research and the side-by-side development of international cyber norms.

“Our alliance remains a linchpin of peace and security not just on the Korean Peninsula, but across the region, and so South Korea plays a central role in America's rebalance to the Asia-Pacific, and we continued that work today,” Obama said.