Internet as a tool for rogue regimes : North Korea

                   "If the Internet is like a gun, cyberattacks are like atomic bombs.”

                 -KIM JONG Il

Security in its most basic sense was mentioned in reference to warfare and military affairs but undergoing different conceptions around different time periods, with globalization and technological advancement, the sphere of security has accommodated various non-military aspects like poverty, human rights abuse, etc. Security is thus a relative, ambiguous, and indeterminate concept. Furthermore, the line between the idea of domestic and international issues of security has thinned with the introduction of issues like environmental degradation that require international cooperation. Cyberspace or the internet presents another domain of security with the interplay of national security and business interests and the commodification of personal. It's considered to be one of the global commons- public goods. Violation in this public good is the idea touched upon below.

Marveling at the current rise in the popularity of the South Korean culture, one always turns to its immediate neighbor, the one sharing its name, and the apparent contrast strikes. North Korea is a prominent “rogue state” usually at the center of global security concerns with its aspirations to acquire the weapons of mass destruction (WMD) and aggressiveness that threatens the regional stability, constantly making headlines. But its hacking of around $400m in digital assets last year has brought out a new security card to the international stage. As the securitization theory mentions that a specific phenomenon is first identified as an existential threat and a relevant audience accepting the declaration makes it a security issue. The North Korean state-sponsored cybercrime is one such security issue and one of the leading cyber threats of the world. On April 15, 2020, the U.S Department of State, The Treasury, Homeland security, and The Federal Bureau of Investigation issued an Alert and advisory on the North Korean Cyber Threat to the international community. This solidified the intensity of the security threat from the North Korean hackers and global acceptance of the threat which was hitherto ignored.

APT38's global targets (Source: FireEye)

The North Koreans first began with cyber robbery to provide revenue as it was under heavy international sanctions, by attacking traditional financial institutions and later shifted to targeted cryptocurrency exchanges. Most of the revenue through hacking goes to the development of a nuclear arsenal, which is an established global threat. Along the line, the hackers of the state have grown such that penetration of government computers, militaries, and infrastructure structures/project plans is possible across borders. The Operation Desert Wolf of 2016 is the perfect example where the U.S -South Korean combined command center was targeted, and Pyongyang gained access to the classified military information. There are endless examples from nuclear power plants in India to targeting U.N Security Council Members. Thus, cyber warfare is always a looming threat. Along with this, the possibility of other nations developing similar schemes is a possibility, the Russian intervention in the U.S. elections is just proof of the “realms of the possible”. There have been many such small instances of breach of cyber security of institutions and nations but the development of other fully framed like the North Korean is a terrifying possibility.

Thus, North Korea's cyberattack techniques are a violation of the international sanctions, a threat to the security of every other nation and institution, and in the wake of Covid-19 where the finance world is becoming more digital, to the international financial systems.  The problem lies with the lack of awareness and ability to defend against such attacks. The situation here demands the state to act as the security agent. The United States is on the defensive side of most of these attacks primarily and other nations and institutions, in general, should adopt some measures to fend off possible attacks in the future. There should be a proper assessment of the past attacks, the possibility of future attacks, and information to be shared on the North Korean or any such possible threats. Further, there should be policies or acts in place making cybersecurity a top priority but such that there is no “dual-use”, which is limiting citizens' or workers' right to access information on the internet. Like Environment, cyber security also requires the coordination of public and private, national and internationally such that a collapse in any possible harms can be avoided. Finally, there should be clarity in retribution to the offenses in cyberspace because it is the domain of the present and the future.

References-

1. Alert (AA20-106A), Guidance on the North Korean Cyber Threat, Cybersecurity and Infrastructure security agency, April 15, 2020, https://www.cisa.gov/uscert/ncas/alerts/aa20-106a
2. Deibert Ronald. Trajectories for future Cybersecurity research, The oxford handbook of international security.March 2018
3. Williams Michaels & Krause Keith.Security and “Security Studies”: Conceptual Evolution and Historical Transformation.March 2018
4. Caesar Ed.The Incredible Rise of North Korea’s Hacking Army, The New Yorker, April 19, 2021,  https://www.newyorker.com/magazine/2021/04/26/the-incredible-rise-of-north-koreas-hacking-army
5. Klinger Bruce.North Korean Cyberattacks: A Dangerous and Evolving Threat. The Heritage Foundation.September 02,2021  https://www.heritage.org/asia/report/north-korean-cyberattacks-dangerous-and-evolving-threat