Silent warfare with no gunfire
Last month, major American banks, including Bank of America, JP Morgan Chase and Wells Fargo, were hit by cyberattacks. It was the second large-scale offensive this year, after one in January. The distributed denial of service (DDoS) attacks overloaded sites with requests and shut down the servers. Because of the attack, bank customers were temporarily unable to use online services. U.S. authorities investigating the origin of the attacks concluded Iran was most likely responsible.
The New York Times on Oct. 13 cited American officials’ assertions that “an emerging shadow war of attacks and counterattacks is already under way between the United States and Iran in cyberspace.” Viruses are planted in key facilities of the other country or cyberattacks are in progress to disable military networks. Secretary of Defense Leon Panetta said the United States was “at a risk of a cyber-Pearl Harbor,” the surprise Japanese attack on Hawaii that drew America into World War II, and warned it could be an even more dangerous situation than the Sept. 11 terror attacks.
Countries around the world are working hard to enhance their ability to carry out cyberwarfare. The United States expanded its budget for cybersecurity at the same time the overall defense budget was being drastically cut. The U.S. Department of Defense spent more than $3 billion on cyberdefense this year. The United States is not just defending against attacks, it has adopted a tactic of striking the origin of attacks. In order to make precise counterstrikes, the U.S. government is drawing a comprehensive map of Web sites worldwide. Israel operates the Unit 8200, the most powerful cyber military unit. Russia, China and North Korea also possess world-class cyber offensive capacity. And the Indian government announced Oct. 16 that it will train 500,000 cyber warriors to keep up with other powers.
Korea is second to none when it comes to cyber offensive capacity or interest in the field. Korea is especially leading the information technology field. However, security cannot be guaranteed with advanced technology alone. After all, it is the people who use the system. Recently, a North Korean soldier crossed the border and knocked on a South Korean barrack door, and the so-called “knock and defect” stirred society. Moreover, a man entered the Central Government Complex with a fake ID and set a fire and jumped to his death. We should not take these cases lightly. The two incidents are not simply coincidental, but they symbolize the lax security awareness. By now, the patrol and security activities in the front along the Demarcation Line must have become tighter.
However, we need more than obvious and visible prescriptions. Cyberattacks and counterattacks are mostly carried out in the dark. The tactics and methods become increasingly complicated, and it is not easy to find the target to retaliate. Therefore, we must remain alert all the time and not allow even the slightest holes. The U.S. defense secretary was not exaggerating when he compared cyberwarfare to Pearl Harbor. The “knock and defect” case should be a chance for all of us to thoroughly review and reinforce the cybersecurity system and related personnel. In this silent warfare with no gunfire, no one would come knocking on the door.
*The author is a Washington correspondent for the JoongAng Ilbo.
By Lee Sang-bok