On November 28, North Korea launched its first ballistic missile in months. North Korea’s increasing operational tempo and brazen activities have positioned them as a legitimate Tier 1 threat.
The political climate over the last three months has altered the threat calculations that we should do when measuring the risk of North Korean actors. The new sanctions regime was being better enforced than previous regimes against North Korea and was already driving the hermit kingdom to conduct more illicit activity to make up for the loss of money and trade through more legitimate means. However, this shift from other activities to currency generation was bounded by a calculated fear of retaliation. The North Korean elite are not suicidal, while they have grown up only knowing how to play high-stakes poker-at the end of the day they want to win the game, not go out in a blaze of glory.
November 28, 2017 has the potential to irrevocably change the game forever. While questions remain about payload and the survival of a re-entry, the timeline for a viable nuclear deterrence jumped from months to weeks. This all but renders the conventional superiority of the joint US/South Korean forces irrelevant. If the credible threat of nuclear weapons hangs over the United States, it is in everyone’s best interest to ensure that North Korea does not fear forcible, external regime change.
So, what do missiles and diplomacy have to do with North Korea’s cyber program?
Stability at the strategic level has the potential to increase low level conflict because neither party will allow that conflict to escalate to something that is truly horrific. Over the last decade, there’s been an increasing norm for nation states to use destructive cyberattacks as a matter of policy with little to no consequences. The United States itself has bragged on more than one occasion about conducting cyberattacks against North Korea’s missile and cyber programs. The main restraining factor for the North Korean cyber programs was not technical capability but a risk calculation of not knowing where the tipping point between acceptable action and retaliation lay. Once they’re confident in the new strategic stability that their nuclear program will allow them, they can and will increase their cyber program because the main restraining force no longer exists.
If sanctions cut off legitimate state activity, the government will be forced to increase its illegal activity. This will likely result in more direct assaults on Western financial institutions and bitcoin heists. It will also drive the use of destructive attacks to both send political messages and cover up their malicious activities.
What makes these trends so alarming?
The DPRK is in a relative position of power when it comes to cyberwarfare and activity in general. If the fight must stay within cyberspace, because of the insular nature of the country and the strict controls they have placed on computers and information. The ability to retaliate against them, in cyberspace, will have a negligible effect on the country. The paradox of power is that the things that make you wealthy and powerful also make you vulnerable and create a vested interest in stability. The Paradox of North Korea’s pariah nature is that they have attained power without the accompanying need for stability. If North Korea does not come back into the global fold, or is not disarmed we’ll see for the first time what a fearless, unrestrained, well-funded cybercriminal organization can accomplish.
