High Quality
Open the downloaded document, and select print from the file menu (PDF reader required).
Cyber Threat posed by North Korea and China to South Korea and US Forces Korea
Steve Sin
May 2009
Acknowledgement.
Thanks to Mrs. Hwa-young Sin (ABD) of Seoul National University and Dr. Horace Jeffery Hodges of Ewha Womans University for wonderful recommendations and sharpcritiques that contributed greatly to the improvement of this paper.
Abstract:
Recent cyber attacks on the US and the Republic of Korea’s government agencies, researchinstitutes, private companies, and infrastructure have created significant cause for concernamong the government officials and the computer security experts of both countries. Locatedin the heart of Northeast Asia, the proving ground for cyber-warfare (CW), computer networks ofthe United States Forces Korea (USFK) are ripe targets for the region’s CW organizations. The
Yonhap News Agency
reported on May 5
th
that the US military, after years of tracking whichcountries accessed them the most, has found that users inside North Korea logged onto USmilitary websites and networks most frequently. This paper explores the CW capabilities anddevelopments of North Korea and China in an effort to ascertain possible threats posed againstthe US entities and interests in the region.
Keywords:
cyber-warfare, CW, cyber attack, US Forces Korea, Republic of Korea, North Korea,China, hacking, hacker, cyber spy
i
Steve Sin is a Major in the US Army currently assigned as the Senior Analyst of Open SourceIntelligence Branch, Directorate of Intelligence, US Forces Korea. The views expressed in this paper arethose of the author and do not necessarily reflect the official policy or position of the US Forces Korea, theDepartment of the Army, the Department of Defense, or the US Government.
1
Spies are said to have stolen data on theF-35 Lightning II fighter. Here, the planeundergoes flight testing over Texas.Photo: courtes of US Air Force
The April 21
st
edition of the
Wall Street Journal
carrieda report about
computer spies
originating from Chinapenetrating the US Defense Department networks tosteal information about the Pentagon’s Joint StrikeFighter project as well as the US Air Force’s air trafficcontrol system.
These revelations follow anotherrecent
WSJ
report that
hackers
from abroad were ableto infiltrate the computers used to control the USelectrical-distribution system as well as other infrastructure.
Attacks like these – or USawareness of them – on the US Defense Department, other government agencies, and USinfrastructure, as well as what was revealed in the
US-China Economic and Security Review 2008
, have created significant cause for concern among the US government officials and thecomputer security experts. The most recent cyber attacks use strains of computer viruses,
logic bombs
, and other advanced techniques that can paralyze computer and communicationsnetworks.Located in the heart of Northeast Asia, the proving ground for cyber-warfare CW, computernetworks of the USFK are ripe targets for the region’s CW organizations. The
Yonhap News Agency
reported on May 5
th
that the US military, after years of tracking which countriesaccessed them the most, has found that users inside North Korea logged onto US militarywebsites and networks most frequently. This paper explores the CW capabilities anddevelopments of North Korea and China in an effort to ascertain possible threats posed againstthe US entities and interests in the region.2
Cyber-Warfare Developments of Potential Adversaries in the Region.
No one shouldassume that adversaries lack the sophistication to take advantage of software vulnerabilities.Asia has emerged as the proving ground for CW. This is especially the case in Northeast Asia,where CW have become commonplace. As shown in the matrix below, two
of the six potentialadversaries of the US are located in Northeast Asia – China (ranked number 1) and North Korea(ranked number 4). There have been numerous open source reports on the CW capabilitiesand developments of these two countries – the latest of which was a report that Chinese
hackers
have stolen information about the F-35 Lightening II Fighter Program from thePentagon computers
(a report that the Chinese government categorically denies
).
Technolytics, with support from Intelomics and Spy-Ops
, created a cyber threat matrix in 2007. It measured intentand capabilities of six potential adversaries of the US.
ii
Although Russia is within the area of interest for USFK, this paper will only address the two NortheastAsian countries that are within USFK’s theater of operations.
iii
The Technolytics Institute (Technolytics) was established in 2000 as an independent executive think tank.The institute consults for the US government, as well as governments of other nations, on informationsecurity and information security management. Intelomics and Spy-Ops are also security managementconsulting organizations for the US government.
3
Add a Comment