Wednesday, July 08, 2009

The (Cyber) Mouse that Roared

If someone asked you for a quick list of nations capable of mounting a major cyber attack, it's doubtful that North Korea would be included.

After all, the DPRK is one of the least-wired nations on earth. Aside from a few government agencies and Kim Jong-il's various residences, there is virtually no internet access. Just a few years ago, a North Korean government official said the nation's "young men" were still "trying to figure out the net."

Apparently, North Korea's IT fledgling cadre has made a lot of progress in recent. Hackers loyal to the DPRK--operating from North Korea or other locations--are believed responsible for last week's cyber assault that paralyzed government and commercial websites in South Korea and the U.S. The attacks began on July 4th, and their effects were still being felt four days later.

It was, by all accounts, a sophisticated, well-planned strike. As the U.K. Telegraph reports:

The South Korean intelligence agency told members of parliament that it believed Pyongyang or its agents abroad were behind the attacks.

“This is not a simple attack by individuals,” Seoul’s National Intelligence Service (NIS) said in a statement. “The attack appeared to have been elaborately prepared and staged by a certain organisation or state.”

The Yonhap news agency quoted an unnamed member of parliament who said that the NIS had suggested that the attacks were the work of North Korea or “a pro-North Korean force”.

Experts said that there was no indication of data theft, but because the websites were still affected four days after the attacks began, an unusually sophisticated denial of service attack had probably been used.

Thousands of computers were infected by a virus that flooded websites with traffic, then overloaded their servers and forced them to shut down.

In the U.S., the official websites of the Treasury, Transportation and State Departments were hit with similar attacks. However, agency spokesmen and members of Congress refused to link the strikes with those in South Korea. But media reports suggested the American websites were hacked by the same groups that targeted South Korean government sites.

The weekend attacks offer another reminder of the vulnerability of our computer networks and related systems. Even a nation like North Korea--or its sympathizers--can marshal the resources conduct a large-scale cyber assault on technologically advanced adversaries. Meanwhile, the DPRK is less vulnerable to a similar counter-attack, given its limited access to the internet.

At least one analyst described the assault on U.S. and ROK systems as a probing attack, designed to test our computer defenses. The hackers targeted a variety of business and government sites with a denial-of-service (DOS) attack. On the commercial side, targeted sites included the New York Stock Exchange, NASDAQ and Amazon.com.

The Obama Administration had previously announced plans to appoint a "cyber czar" to oversee computer security in the public and private sectors. Additionally, the Defense Department has created its own cyber command to oversee the military's information operations and computer network defense functions.

And not a moment too soon, judging by the impact of last weekend's attacks. The successful strike reminds us that virtually all future conflicts will contain a cyber element, and some will be built around those operations. As one of the nation's most dependent on the internet, the U.S. is among the most vulnerable. Creation of the cyber czar and cyber command are steps in the right direction, but they represent steps that should have been implemented years ago.

Oddly enough, three Air Force Captains suggested this type of attack would be part of a crippling, asymmetric first strike inflicted on the United States by North Korea and its "coalition" partners. Their scenario was first published in 1998. Events last weekend remind us that such an attack is not only possible, it is becoming increasing probable. Unfortunately, our preparations for that type of contingency remain weak.


5 comments:

Roland Dobbins said...

It wasn't the DPRK at all - this is a) far too simple and strategically pointless an attack to be state-sponsored, and b) still beyond the DPRK's meagre (read: nonexistent) capabilities in this arena, and c) not of interest to them, anyways, as all the 'cyber'-blather aside, kinetics is what matters.

This is is most probably the work of someone I'm provisionally calling 'JotokBoy' - the RoK MafiaBoy of 2009 - who decided to play a game of 'Global Thermonuclear DDoS', and timed it to correspond with the USA 4Jul09 Independence Day holiday and the 15th annversary of the death of Kim Il-sung on 8Jul09. Whatever vague political motives he has are either a) the result of a vauge DPRK-oriented radicalization, or b) (more likely, IMHO) a vauge sense that by setting up a 'false-flag' attack, he's being patriotic in some unspecified matter, and providing substance to the rhetoric of various RoK bureaux fighting for their share of 'cyber'-pork and increased powers.

Ken Prescott said...

Nuclear: spending billions to create a condition of Mutual Assured Destruction.

Cyberwar: spending billions to create a condition of Mutual Assured Annoyance.

kitanis said...

It dose not matter who did it actually.

When I was a CSA and was part of the network steering group on the base I was at before retirement.. the biggest fear was the DDOS attacks

This proves that there is always a vulnerability in cyber security.. and hopefully we learn our lessons as time goes on.

kitanis said...

Also.. I would agree that
Cyber-Command should be stood up..In fact.. it should be up already but somehow that idea went out the window. but I am against the Cyber Czar Concept.

The military mission is the defense of the country.. But remember.. all members swear a oath to defend the country and the constitution.

Czars in the government have extreme powers to implement policy and regulations.. which is outside the frame work of our constitution.. But thats a whole other discussion

Lela said...

Yeah, what Kitanas said!