Korea-U.S. alliance vulnerable to North’s cyberattacks: CSIS

Washington and Seoul are currently unprepared to respond to low- or high-intensity cyberattacks from North Korea, a recent report from the Center for Strategic International Studies (CSIS) warns.

In a case in which “North Korea’s cyber capabilities become increasingly integrated as a supporting element into its conventional military operational planning,” the report said, this could possibly affect the function of the U.S.-Korean alliance’s military command and control, air defense networks and any future missile defense arrangement.

The CSIS report, “North Korea’s Cyber Operations: Strategy and Responses,” said that North Korea’s growing cyber capabilities may affect the current strategic balance on the Korean Peninsula.

Countries allied with the United States in the region should cooperate militarily to “ensure that conventional military operations are not impeded by disruptive cyber operations,” it advised, especially for high precision operations that include ballistic missile defense and integrated air defense systems, which are heavily network-dependent technologies.

“Missile defenses are extremely expensive and complex and North Korea’s cyber capabilities could erode or even defeat missile defense systems,” as well as reconnaissance information, logistical networks and weather data vital to the Army and Navy, the report said.

In the case of war, Pyongyang could target U.S. and South Korean command, control, communications, computers, intelligence, surveillance and reconnaissance in support of its “quick war, quick end” strategy, it added.

This 100-page CSIS Korea Chair report is one of the first comprehensive U.S. studies on North Korea’s cyber operations.

It pointed that current policy on Pyongyang’s cyberattacks, even lower-intensity ones, puts the United States and South Korea “in the position of being repeatedly assailed by attacks without concrete mechanisms to effectively respond.”

The one-year study was conducted following the cyberattack against South Korean banks and media agencies in March 2013 and on Sony Pictures Entertainment in November 2014. These attacks have been attributed to North Korea by the South Korean and U.S. governments.

It found that the “North Korean strategy emphasizes asymmetric and irregular operations in both peacetime and war time to counter the conventional military strength” of the United States and South Korea.

However, in the case that an actual war breaks out, the war-time strategy of the North Korean People’s Army is to launch extensive irregular operations that exploit U.S. and South Korean vulnerabilities, it said

For North Korea, cyber operations are seen as “a relatively low-cost and low-risk means of targeting the vulnerabilities” of a country that relies heavily on cyberspace for national and military activity.

It described the Reconnaissance General Bureau as the primary intelligence and clandestine operations organ that controls the bulk of North Korea’s cyber capabilities, and associated it with the 2014 attack on Sony Pictures.

The General Staff Department of the North Korean People’s Army oversees military operations and units, as well as conventional military cyber capabilities.

The report went on to warn that North Korea is likely to continue to place strategic value in its cyber capabilities if left unchecked, which could be integrated into its military operations.

“Policy-makers should expect a potential combination of cyber operations with diplomatic offensives, psychological operations, military exercises, missile tests or other provocative behaviors,” it said.

It recommended that the U.S.-South Korean alliance develop contingency plans and “a menu of corresponding response options for a range of scenarios” that could result from North Korea’s cyber operations.

According to the report, Washington and Seoul should “leverage the regime’s obsession with tight control of information within the country,” which it called one of North Korea’s largest asymmetric vulnerabilities.

It also recommended that the United States implement sanctions against specific North Korean individuals and entities that have engaged in cyberattacks that pose a threat to national security.

BY SARAH KIM [kim.sarah@joongang.co.kr]