• United States



Contributing writer

Will Kim Jong Un be for cyberwarfare what his dad was for nukes?

Dec 21, 20113 mins
Critical InfrastructureCyberattacksCybercrime

Security experts have differing views on what the death of Kim Jong Il will mean for the future of cyberattacks.

The death of North Korean dictator Kim Jong Il has understandably set neighboring South Korea and other countries in the region on edge. But should it put the western world on high alert as well, for possible cyberattacks?

Two cyber security experts have different views on the matter.

There is general agreement that the transition of power could bring significant instability to the region. While the dictator’s son, Kim Jong Un, was named by his father to succeed him, the twenty-something Kim has had only two years to be groomed for the position, while his father had 14. He was made a four-star general by his father, but has never served in the military.

And even if the younger Kim does take power seamlessly, there is speculation that he may deliberately act aggressively to quash even the thought of an “Arab Spring” type of rebellion, to consolidate his power and establish a reputation throughout the world that he will be just as unpredictable and threatening as his father.

South Korea’s largest news agency, Yonhap, reported that the country had put its military on high alert.

Korea Communications Commission (KCC) raised the cyber alert to the third-highest level over the weekend and stepped up monitoring on distributed denial-of-service attacks, hacking incidents and other assaults via the Internet.

John Linkous, vice-president and chief security and compliance officer of eIQnetworks, says this amounts to “a strong possibility” that North Korea could launch cyberattacks against the U.S.

And he says neither private industry nor government may be adequately prepared.

“On the commercial side, if you look at all the successful cyberattacks over the past year, businesses are not prepared,” he says, noting that most of those attacks are from smaller organizations, not nation states.

“On the federal side, I would like to think we are prepared, but we probably are not,” Linkous says. “We have so much infrastructure spread out over the world that economically and mathematically it’s almost not feasible.”

He notes that Vivek Kundra, former U.S. chief information officer, gave government cybersecurity a “B” grade before he left office in August.

“The (attack) vectors themselves are not that sophisticated, but they don’t need to be,” he says. “The reality is that this is a nation that clearly views itself as world leader and wants to assert itself in every way. Cybersecurity is a big part of that.

But Gary McGraw, chief technology officer for Cigital, doesn’t see the political instability in the country as a direct threat, and says he doesn’t think North Korea has the ability to launch a disabling cyberattack.

“A few times in the past North Korea has been blamed for stuff without much evidence, and it wasn’t much beyond denial of service anyway,” he says.

McGraw says the kind of attacks that might come from North Korea, are the kinds of things that Google and Amazon probably wouldn’t even notice, and if they did, they would have no trouble shutting them down.”

He says while cyberwar should be taken seriously, some of the fears about it are the result of hype.

North Korea, he says, has much more serious internal problems to confront.

“Why are we wringing our hands over cyberwar?” he asks. “We ought to be wringing our hands over the fact that they can’t even feed their own people.”