Latest NewsNext Cold War

Stuxnet Goes To North Korea

In 2010, the world first learned about a malicious computer worm that had been wrecking Iran’s nuclear facilities by making centrifuges malfunction and thereby preventing uranium from being refined. Private security researchers named the worm “Stuxnet” after keywords found in the software.

It was later revealed that what was being called the Stuxnet worm was part of a joint covert operation between the United States and Israel, titled Operation Olympic Games. The worm discovered by the private security researchers had “escaped” after Israel’s NSA counterpart, Unit 8200, altered an earlier version of the worm to make it hyper-aggressive.

Iran responded by building its own cyberweapons capabilities, which it subsequently used to attack Saudi Aramco, a dam in New York state, and a number of U.S.-based banks.

The entire episode should serve as a cautionary tale about the false promises and dangers of cyberweapons. After some initial success in sabotaging the Iranian nuclear facility in Natanz, the government of Iran doubled-down on its nuclear weapons program and ultimately increased production and refinement well-past levels achieved before the sabotage efforts.

A New York Times’ story published this weekend reveals that in 2014, President Barack Obama decided to launch a Stuxnet-style cyberattack against North Korea in hopes of undermining their nuclear missile capability. The decision reportedly came after Obama lost confidence in the antimissile defense system, when tests revealed fail rates of over 50% in ideal conditions.

The cyberweapons launched by the U.S. against North Korea are part of its “left-of-launch” program. They seek to disable missiles before liftoff rather than intercepting them after they are launched, which is how the antimissile defense system works.

The Times points to a 2013 announcement [PDF] by then-Chairman of the Joint Chiefs of Staff General Martin Dempsey as elucidating the program without mentioning North Korea by name. The program is based on cyberweapons like Stuxnet, direct energy weapons (lasers), and electronic signal jamming.

But just because the $300 billion-plus antimissile program is a dud does not mean the alternative is much better or less dangerous.

Much like Operation Olympic Games, early cyberwarfare efforts against North Korea’s ballistic missile program showed success. Earlier missile tests proved to be failures, which the Times attributes in part to U.S. cyberwarfare efforts:

The North’s missiles soon began to fail at a remarkable pace. Some were destroyed, no doubt, by accident as well as by design. The technology the North was pursuing, using new designs and new engines, involved multistage rockets, introducing all kinds of possibilities for catastrophic mistakes. But by most accounts, the United States program accentuated the failures.

And again, much like Operation Olympic Games, the target of U.S. cyberattacks was undeterred and persevered.

North Korea has made further progress on its missile program with a successful test of ballistic missile engines last Spring. In September, North Korea successfully detonated another nuclear bomb, which reportedly displayed twice the destructive power as the bomb dropped by the U.S. on Hiroshima, Japan, at the end of World War II.

In the case of Iran, cyberweapons were ultimately discarded in favor of a wide-ranging diplomatic agreement that put controls on Iran’s nuclear weapons program. It is hard to imagine such an agreement being reached with North Korea given current tensions and leadership in both countries.

In 2014, perhaps in response to cyberattack or out of genuine anger at being insulted in the film The Interview, the North Koreans allegedly hacked Sony Pictures Entertainment and released embarrassing emails sent by corporate executives.

During the same period, North Korea responded to other aspects of the left-of-launch program by launching its own electronic attacks, attempting to jam signals during U.S. and South Korean military exercises.

Last month, North Korea almost certainly assassinated North Korean leader Kim Jong-un’s brother, Kim Jong-nam, in a Malaysian airport using a VX nerve agent. The killing, along with the use of a deadly chemical weapon, has led to further isolation of North Korea and increased tensions in the region, but also solidified Kim Jong-un’s position as supreme leader.

And, today, North Korea fired four missiles towards Japan, three of which landed in Japan’s territorial waters. A fifth missile failed to launch for unknown reasons.

Granting U.S. cyberweapons had something to do with the failed fifth missile, I’m not sure I would love those odds if I was on the west coast of the United States.

Dan Wright

Dan Wright

Daniel Wright is a longtime blogger and currently writes for Shadowproof. He lives in New Jersey, by choice.