How to bring North Korea to its cyber-knees

December 23, 2014

North Korean leader Kim gives field guidance at the Kim Jong Suk Pyongyang Textile Mill in this undated photo released by KCNA in Pyongyang

President Barack Obama, during his year-end news conference,  promised a proportional response to North Korea’s cyber-attack on Sony Pictures Entertainment. “They caused a lot of damage,” Obama said, referring to the theft and exposure of corporate records and private emails. “And we will respond. We will respond proportionally, and we’ll respond in a place and time and manner that we choose.”

That proportional response could take many forms. It might be more sanctions or putting North Korea back on the state-sponsored terror list. But the Sony hack is less like terrorism and more about serious theft. Proportional response is likely a cyber-attack in kind against North Korea — an attack that may already be underway.

There are many ways Washington could strike Pyongyang in cyber space. It could disrupt the cyber black markets where hackers likely purchased the software used in the attack. It can start bullying the hackers online and off. It could even make sure as many North Koreans as possible see The Interview.

One effective tactic would be to go after the black markets where hackers trade dangerous software. The Sony hack, as most people now know, was relatively unsophisticated. The tools used were crude and readily available on the Internet. Which means these tools will be hard to eliminate.

Hard but not impossible. Washington could learn something from the music industry.

In 2001, when Napster, the file-sharing service, was at the height of popularity, the music industry flooded the site with broken songs and obnoxious repetitive sounds dressed up to look like popular music. It worked. Millions of people downloaded files that hurt their ears. Washington could do something similar to the online black markets used by hackers.

North Korean leader Kim gives field guidance during a visit to the Pyongyang Catfish Farm in this undated photo released by KCNA in Pyongyang

Shutting down these markets, on the other hand, would have little effect. Users would quickly move to another location. Peter W. Singer, a cyber-warfare expert and senior fellow at New America Foundation, told Reuters he wants to see Washington take a page from the music industry’s playbook. “I wouldn’t aim at taking them down,” he stated, “I’d aim at poisoning the well.”

This could mean flooding black markets with faulty software, malware and broken tools. The files would look like regular malicious software — but either wouldn’t work or would be engineered to backfire on the hackers.

U.S. cyber teams could also go after the hackers aligned with Pyongyang and make their lives miserable. It’s an effective tactic. Bullies are notoriously susceptible to bullying.

Since the FBI has declared that the attack came from North Korea, there’s a good chance the bureau’s experts know which computers and even which hackers it came from. Hackers generally have robust online lives. They use social networks, maintain a presence in online forums and chatrooms and transfer money using Bitcoin or other cryptocurrencies. Washington could make their lives uncomfortably complicated.

It could break into the hackers’ email accounts and publish them —  just as the hackers did to Sony Pictures executives. It could ban their Internet protocol addresses or infect their computers with destructive viruses and malware that could store every keystroke the hackers type. Every password, email, website visited would be recorded and stored in a U.S. database. It might only sideline the hackers, by making them spend time and energy fixing the problem or even force them to buy entirely new hardware — a hacker’s worst case scenario.

U.S. cyber teams could also pose online as commentators and ruin the hackers’ reputations among any communities they belong to. For example, they could upload faulty software to the black markets as the Guardians of Peace.

Of course, some security experts insist that the attack did not originate in North Korea, but was routed through it.

One group of expat North Korean hackers, known as Chongryon, is based in Japan. Their actions are crucial to Pyongyang, which uses the group’s grifts and hacks to spread propaganda and bring money to the state.

“The Chongryon are vital to North Korea’s military budget,” a recent report from HP Security analysts explained, “raising funds via weapons trafficking, drug trafficking and other black market activities.” .

Chongryon is just one of many groups that do Pyongyang’s dirty work while operating outside North Korea. Washington could work with its partners in other countries to pursue such North Korea’s satellite hackers and shut them down.

Richard Haass, president of the Council on Foreign relations, suggested attacking Pyongyang’s Internet infrastructure. A response-in-kind, for Haass, is an attack on North Korea’s political and military networks.

Yet disrupting North Korea’s internal networks is not a proportional response. The Guardians of Peace attacked Sony — not the Pentagon.

It would also be incredibly difficult if not impossible. Most of North Korea’s military communications are on “wired circuits that are not connected to international networks,” Martyn Williams, senior correspondent at IDG News Service who writes about Pyongyang for the blog North Korea Tech, told Reuters.

Those military and political pillars Haass advocates attacking probably aren’t even hooked up to the Internet. It’s all internal, and so almost impossible to breach.

Though North Korea isn’t as wired as the United States, some of its people do have access to the Internet. That connection is slow, unstable and heavily censored by the state.

It’s possible for the United States to breach that connection and shut it down. All the connections run through China, however, and Washington would need to work with Beijing to make it happen. And Washington already has its own problems with Chinese hackers linked to the People Liberation Army.

Taking North Korea offline would be counterproductive in any case. The U.S. intelligence community monitors all Internet traffic moving through North Korea. Shut down the country’s Internet and you shut off Washington’s ability to listen in.

That said, North Korea’s Internet already seems to be the subject of attack. On Dec. 22, U.S. North Korea watchers monitored service interruptions across the country’s Internet.

North Korea’s Internet is notoriously spotty. But since Obama’s news conference, there has been a sharp degree of difference. Outages have lasted for many hours. “Usually there are isolated blips, not continuous connectivity problems,” Doug Mandory, director of Internet analysis at Dyn Research, told Williams. “I wouldn’t be surprised if they are absorbing some sort of attack.”

Shutting down the country’s Internet might be the proportional response Obama mentioned. It might also, however, be a sign that China is punishing the country for its recent cyber activities. Beijing isn’t above reining in Pyongyang when it needs to.

But another sort of U.S. retaliation would be to get The Interview into North Korea. So much of the fuss surrounding this hack concerns the film and Pyongyang’s reaction to it. Making it free online or uploading it into North Korea’s networks would take away one of the biggest gains the country got from the attack — getting the movie withdrawn from public view.

One human-rights group plans to achieve just this. This organization, Fighters for a Free North Korea, routinely airdrops over North Korea hydrogen balloons carrying DVDs. They aim to airdrop The Interview  as soon as it’s available.

Still, disrupting the black markets and hounding the hackers responsible remain the two best options. It’s a direct punishment levied against the individuals responsible — and has the added effect of slowing down or stopping more attacks.

 

PHOTO (TOP): North Korean leader Kim Jong Un (C) smiles as he gives field guidance at the Kim Jong Suk Pyongyang Textile Mill in this undated photo released by North Korea’s Korean Central News Agency (KCNA) in Pyongyang, December 20, 2014. REUTERS/KCNA

PHOTO (INSERT): North Korean leader Kim Jong Un gives field guidance during a visit to the Pyongyang Catfish Farm in this undated photo released by North Korea’s Korean Central News Agency (KCNA) in Pyongyang, December 23, 2014. REUTERS/KCNA

16 comments

We welcome comments that advance the story through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can flag it to our editors by using the report abuse links. Views expressed in the comments do not represent those of Reuters. For more information on our comment policy, see http://blogs.reuters.com/fulldisclosure/2010/09/27/toward-a-more-thoughtful-conversation-on-stories/

NK is a joke.

This country only exists because China lets it.

I’d say, tell China to cut them off or be cut out of the world marketplace.

Posted by LoveJoyOne | Report as abusive

Who is this jerk? Suggesting the government use illegal hacking to go after hackers? So hackers go to jail when doing it, but it’s ok for the government to do? Shame on you, Reuters, for publishing this garbage.

Posted by TanMan1217 | Report as abusive

In short, multi-national corporations like Sony, whether American-chartered, Japan-chartered, Ireland-chartered, or Russian-chartered, have zero patriotic notions. The seek profits for their owners. Period.

Patriotism is not part of the human-corporate-animal. How could we expect otherwise?

Any large corporation doing business in America is not here to do the American people a favor. Rather the American people are its prey.

I am rooting for the hackers. The hacker phenomenon is a necessary thing.

It will perhaps, in one way, defend us, save us, the American middle class, from being completely devoured by the modern multi-national corporation, that dangerous, super-organism evolving in our midst on Earth.

Posted by AdamSmith | Report as abusive

Yes, I can see how the wealthy owners of Sony corporation stock, most of whom live in Japan, may have suffered from this hack.

But how has the hacking of Sony harmed the American middle class that are not owners of Sony stock?

Posted by AdamSmith | Report as abusive

Obama is a true moron – cant handle Putin or Bibi so he plays the race card or XBox

Posted by jackdanielsesq | Report as abusive

The DPRK has been a pariah of international community and their behavior became more unpredictable than before .they have gotten used to ignore all the international law and try to threaten other countries by their particular measure – barking,It is understandable ,because this is their survival method –provoking the tension ,creating fear and intimidating their neighbor countries then start to talk about negotiation and ask for aids–oil ,food and money ,back and forth ,year by year .just like the spoiled brat.

Posted by 6652911636 | Report as abusive

Interesting, how the anarchists support the hackers, both are criminal by their very nature; as if anyone expected anything different. The same anarchists support and participate in the “protests” recently occurring in the USA, it isn’t about police being racist, it is about anarchists believing the police have no authority over them. Anarchy is one of the world’s biggest problems right now.

Posted by SixthRomeo | Report as abusive

Few people have computers, let alone access to the internet. But everybody appears to have a video machine. There is an underground video market where North Koreans seem to be able smuggle in forbidden foreign movies. That is the way to get some videos into North Korea. Whether this rather tasteless and silly satire would be the best-suited propaganda is another question. Some people are bound to find it offensive.

Posted by pbgd | Report as abusive

Me thinks it is a a really well planned publicity stunt, on someone’s part.

Posted by Sherpa1 | Report as abusive

Corporations must be protected by the government as well as individuals for the economy to thrive. Even very large corporations do not have the resources to protect themselves against nation states. Even back water rat holes like NK. We need corporations, even large ones for a healthy economy. The idea that corporations is the enemy of the middle class is ridiculous. Thats where the jobs and most of all the stability come from.

Posted by thenext100 | Report as abusive

“U.S. cyber teams could also pose online as commentators and ruin the hackers’ reputations among any communities they belong to” Are any of these suggestions serious? Or have entire world governments turned into giant junior high schools? These are North Korean hackers. The suggestions that the US would disrupt their “bitcoin accounts” or record “every website they visit” as revenge simply indicates utter ignorance about North Korea on the part of this writer.

Posted by neverquit | Report as abusive

Definitely by making “The Interview” a 1000 episode sitcom played only in theaters that all free speech conscious people will be obliged to watch at $20 per show. What a low IQ audience went to the theaters to watch that ridiculous movie to show their support for the free speech.

Posted by Macedonian | Report as abusive

The suggestions for retaliation are absurd. They suggest state-sponsored military officers, employed as cyber-weapons technologists, are somehow juvenile delinquents that can be threatened by slander or fear the loss of a personal computer. Either they are classic crackers, breaking into systems for bragging rights, or they are state-sponsored cyber-warriors. Make up your mind.

If the latter, and the US government has stated they believe this to be true, then the responses need to be at the state level as well. Two possibilities come to mind:

1) Set up an official NSA filesharing site that hosts this DVD, and perhaps also allows other parodies to be uploaded as well. Basically, set up a target site and dare the North Korean teams to take it down. It would be very public and fun too. The NSA is huge, with a correspondingly huge budget that is literally 4 times larger than North Korea’s entire GDP. If the NSA can’t keep a website up in the face of an international hack, the US government should fire the lot of them.

2) Stamp out a few thousand copies of the DVD, load them into the bomb bay of a B2, and deliver them to Pyongang. That should pretty much show all the North Korean people that their leader, and their military, isn’t all they say they are. The B2 is supposed to be a super-stealthy first-strike aircraft capable of penetrating sophisticated air defence systems. It was ridiculously expensive to build. If a B2 can’t do this, then Northrop Grumman should be removed from the US military supply chain, forever.

The NSA and Northrop Grumman cost the US taxpayer a significant amount of money. If this truly is a state-sponsored cyber-attack then maybe it’s time the they started earning it.

Posted by fixerdave | Report as abusive

They should just provide free wifi for all North Korean and drop solar powered chrome books to regular citizens. The country is barely online as it is. Information is the most threatening thing to the North Korean government.

Posted by JoshuaS | Report as abusive

My guess is that folks will grow tired of this story pretty quickly. It is entertaining to talk about how the US will “retaliate”, but impractical to retaliate meaningfully in a manner that does not ultimately demean the USA more than anything else. Hopefully Western governments are looking at the Sony hack as an opportunity to educate businesses like Sony on cybersecurity.

Seriously, does anyone understand how idiotic Sony was about protecting their own reputations and their own intellectual property? A major media company can afford to implement truly secure private communications that are not exposed to the internet at all, for projects like multimillion dollar movies. A major media company cannot afford to have senior executives who gossip like 12 year old girls on email.

In a free market economy, no government can afford to protect idiots from their own idiocy. We could have just let Sony swing in the breeze. That’s what competition is about, right? Let the morons die so the smart guys can grab their market share. Next time,let them swing, please.

Posted by JeffHB | Report as abusive

So they drop DVD’s of the movie on N Korea,the folks who dare to watch it get caught and executed for their pains.Dumb idea when you think about it.

Posted by Barondeholbach | Report as abusive