When President Donald Trump and Kim Jong Un meet in Singapore next week, everyone will be looking to see if the North Korean regime is truly willing to denuclearize. Lurking in the shadows of the DPRK’s nuclear weapons and ballistic missiles is, however, another program that threatens U.S. interests and international stability: North Korea’s cyber capacities.
As many have noted, North Korea is an unexpected cyber power. Much of the country lacks a steady supply of electricity, and internet access is restricted to a small number of elites in the capital, Pyongyang. The DPRK has nevertheless devoted significant resources to developing cyber capabilities, recruiting and training students with an aptitude for math and science, and reportedly basing hacking teams in China, India, Malaysia, and Thailand.
Cyberattacks are attractive to the North Korean regime for several reasons. Since the attribution of who is behind an attack can be a slow, painstaking process, cyber operations offer plausible deniability. All attacks, so far, have been under the threshold for an armed attack, and so are unlikely to provoke a military response from the United States and its allies. In addition, hacking is cheap, and cybercrime allows the regime to circumvent UN sanctions and access much-needed funds. Over the last five years years, North Korean hackers have been blamed for the attack on Sony in 2014; the 2016 theft of $81 million dollars from the Bank of Bangladesh; and, in 2017, the global spread of ransomware known as WannaCry, which briefly paralyzed the UK’s National Health System and caused FedEx hundreds of millions of dollars in damages.
The summit has raised two questions about North Korea’s cyber capabilities. First, should Washington also try to negotiate an agreement about Pyongyang’s cyber weapons, along with the attempts to eliminate the country’s nuclear program? Sen. Cory Gardner has reportedly pressed the president to raise the issue, telling Politico, “I hope it’s not just a summit to turn a blind eye to other malign activities of North Korea.” There is little hope, however, that the North Koreans will give up their cyber weapons. There is no precedent for negotiating a country’s cyber capabilities away, and there would be no way to verify or enforce the agreement. The best the Trump administration could hope for would be a broad, relatively meaningless generalization about the peaceful use of cyberspace, sandwiched in a larger statement about good relations between the two sides. This is not worth the effort.
The second question is: what happens if the talks end in failure? Can we expect North Korea to lash out with a new round of cyberattacks? Eric Rosenbach, who previously led the Pentagon’s cybersecurity efforts, recently told an audience that North Korea was the country that worried him most because the country was so unpredictable. He feared that Pyongyang would not only launch the types of disruptive attacks it has been involved in before, but that it may also take a page out of Russia’s playbook and interfere with the 2018 midterm elections.
Rosenbach is right to be worried, but the truth is that even if the Trump-Kim summit does not go off the rails, North Korean capabilities will continue to be a threat. Two weeks ago, the Wall Street Journal reported North Korean hackers escalated cyberattacks on South Korea in the lead up to and immediately after what was widely seen as a successful summit between Kim and the South Korean president Moon Jae-In. As a result, the United States and its allies have to prepare for cyber attacks whether there is success or failure.