For this week’s discussion post, I wanted to discuss South Korea’s cybersecurity threats and their strategic answers to combat them. Having served at Osan Air Base in South Korea while I was in the Air Force, I know all too well the many dangers they face from their northern neighbors, North Korea. As many know, North Korea’s military and cyber forces make up the largest spender of the country’s resources, leaving its citizens often to fend for themselves without readily available access to water and food. Just recently, CNN reported that “North Korea’s army of hackers stole hundreds of millions of dollars throughout much of 2020 to fund the country’s nuclear and ballistic missile programs in violation of international law, according to a confidential United Nations report” (Roth, Berlinger, 2021).

South Korea is under constant assault on the digital front, leading its citizens to never truly forget that the Korean War still has not officially ended. To make matters worse, North Korea’s rise in cryptocurrency production only adds fuel to the fire. Per Eun DuBois from the Brookings Institution, “The South Korean government estimates that North Korea’s Reconnaissance General Bureau has dedicated more than 6,000 full-time cyber operatives and support staff who launch disinformation, cybercrime, and espionage operations on a daily basis” (DuBois, 2020). South Korea has taken several steps to help secure their country’s infrastructure, ranging from using a structured command-and-control system to answer cyber threats, a government-organized data-sharing system, peer-to-peer education and mentoring programs, and robust network separation policies separating the Internet from the Intranet. The U.S. has also played a significant role in helping South Korea with its growing cyber threat concern.

While much of the world focuses on ensuring that North Korea does not obtain the power or reasoning to expand its military aspirations, much of what we are doing has little effect on the big picture. South Korea’s network separation policy runs into issues with Seoul’s fourth industrial revolution policies regarding private data transfers and cloud services. Like most countries, the lack of available cybersecurity employees is directly interfering with our ongoing war with cybercrime; as hacking’s revenue far exceeds those who play defense, I fear that there is little incentive to use one’s skills ethically. One of the most essential factors to North Korea’s success in cyberspace, to me, is merely its ability to navigate laws and policies and use them to its advantage. North Korea has never been known to play by the rules, willingly leaving sanctions, conducting unauthorized missile testing, and now, fraudulently obtaining digital resources to fund their military’s continuously-expanding military prowess. I fear that if nobody steps in to assert some form of discipline, North Korea will eventually not only have the power to stomp out the West’s progress, but the motive to do so as well, possibly aligned with allies who we currently do not believe are a threat.

References

Roth, R., Berlinger, J. (2021, February 09). North Korean hackers stole more than $300 million to pay for nuclear weapons, Says Confidential UN report. Retrieved February 10, 2021, from https://www.cnn.com/2021/02/08/asia/north-korea-united-nations-report-intl-hnk/index.html.

DuBois, E. (2020, December 23). Building resilience to the North Korean Cyber threat: Experts discuss. Retrieved February 10, 2021, from https://www.brookings.edu/blog/order-from-chaos/2020/12/23/building-resilience-to-the-north-korean-cyber-threat-experts-discuss/.