Pages

24 April 2017

The Dangerous Speculation Over Cyber Warfare Behind The Alleged Failures Of North Korean Missile Launches

By: Dave Sloggett, 

“In war, the truth is so precious that is has to be surrounded by a bodyguard of lies" -- Winston Churchill speaking at the end of WWII.

In recent days, there has been a lot of speculation on the Internet -- and even among the mainstream media -- over the true cause of the many failures of North Korea’s missile tests. Some people are suggesting the Trump Administration is behind the failures by somehow introducing a virus into the missile systems to make them fail.

Such freelance analysis on the Internet is unhelpful in the least. It sets hares running. It makes potential enemies more aware of their vulnerabilities, and often closes off avenues that might otherwise have been helpful.

In an era where nothing seems to be a secret anymore, a frenzy of on-line speculation over the range and potential of American cyber-attack capabilities really does not help.

Even if such so-called analysis is intended to create false news stories to bury the original secret is a mountain of lies, it still remains dangerous. People who do this are messing with the very foundations of the security of the United States.

It also invites people to retaliate as the potential enemy develops an increasing sense of grievance that they have been publicly humiliated. That often does not go well. Remember what happened to Sony Corporation when they sanctioned the making of the movie, “The Interview?”

North Korea is a state that does not like its leaders to be the subject of mirth and comedy. The leadership in Pyongyang have shown they grasp the idea that revenge is a dish that is best severed cold. Their use of cyberspace to attack South Korean banks and other systems illustrates that point rather well.

Stuxnet and its implications for the Iranian nuclear program are clearly at the heart of such on-line guesswork. Just because it is alleged, and has never been publicly confirmed, that America and Israel were behind efforts to delay the Iranian nuclear program using a virus to attack the centrifuges, so-called experts seem to think they can draw parallels with other kinds of failures.

At the heart of Gulf War One when Scud missile started to reign down on Israel, they broke up as they re-entered the atmosphere. Iraqi welders, it appears, are not as good as those from North Korea. In the many attacks mounted by the Houthi rebels using Scud missile systems against Saudi Arabia, many have hit their designated targets.

Similarly, Yemeni Scuds, sourced from North Korea, appear to work despite being maintained by people who have little expertise in such missile systems. Like the V2 missiles that were its progenitor at the end of WWII, the Scud is relatively easy to maintain and launch, as North Korea has demonstrated on many occasions. Scuds do not have that many ways of failing. The guidance systems are not that complicated.

Given this, the question is begged: is someone seriously suggesting that a piece of malware could sit in a North Korea missile system and only become active in a missile that is launched in the direction of Japan? The question of how such a piece of software might arrive in a North Korean missile is one which those speculating need to seriously consider.

In the case of the Stuxnet virus, the attack vectors – the means by which the software was introduced into the Iranian nuclear program -- are gradually becoming clear. Those behind the attack -- and this is not a confirmation that it was the Americans and Israelis -- developed a number of ways of introducing the virus into Iran’s nuclear facilities.

One of the enduring lessons to emerge from that incident, whoever was behind it, is that once a virus exploiting a number of so-called zero-day vulnerabilities – and Stuxnet exploited four -- it cannot be put back in the box. Such things are one time weapons. Once used, they are no longer a secret. They therefore need to be conserved and only used at a time and place when the situation demands. They also require a high-degree of risk analysis concerning the ways in which the virus is delivered into the target system.

Having someone walk in the gate and load up the software and walk away may sound nice in Hollywood movie scripts, but the reality is clearly more risky. Given the North Korean’s leaders much quoted propensity for giving any opposition to his leadership a nasty ending -- remember what happened to his Aunt and Uncle -- few would take the risk to plug in software that might be detected. If a virus was to be introduced into the Scud or the telemetry systems that observed its launch, surely Pyongyang would have become aware that such a threat had manifested itself inside one of their systems.

Another example is worth discussing. When North Korea started to supply Syria a nuclear plant which started to be built in the Dier Ez Zour area of Syria – an area incidentally now held by ISIS – Israel mounted an attack to neutralize the plant. It was called Operation Orchard. As Israeli aircraft flew into Syrian airspace, a remarkable thing happened. Not one missile from the Russia-built S-300 system delivered to Syria fired. Something had paralyzed Syria’s command and control system.

While at the time there was speculation Israeli had somehow pulled off a stunning cyber-attack against the S-300 system, rumors also started to circulate over the presence in the package of attack aircraft of an Israeli electronics warfare escort aircraft. Perhaps it was this aircraft which managed to neutralize the Syrian air defence systems and give the Israeli aircraft an unopposed ingress and egress from Syrian airspace.

But that story is now lost in the sands of time, masked by all sorts of varying accounts, some true and some false, over how the Israeli’s manage to neutralize the entire Syrian Air Defence system. It certainly caused the Syrians angst. The shock waves of the attack were also felt in Tehran.

At the time, the Iranians had just signed a contract, which was initially embargoed, to purchase the same missile defence system. Imagine how that went down with the Mullah’s in Tehran. The S-300 was supposed to protect the Iranian nuclear program from just such an attack by Israel. As the sanctions regime against Iran has been relaxed, it has now been able to get hold of the S-300 system and put it into operation.

Fast forward to today and the problems created for NATO by the seriously capable S-400 variant, and the even newer S-500 missile system just been introduced into service around Moscow. These are systems that help Russia enforce a policy of creating what is known as an Anti-Access Area Denial (A2AD) approach to missile defense.

Suffice it to say that as far as aircraft are concerned, entering an area protected by one of these modern variants of the Russian surface-to-air missile system inventory is likely to be a life changing experience for the pilot. These are seriously capable missile systems that, according to open source reporting, can conduct 36 parallel engagements with a very high probability of killing any designated target.

If America, or its allies, are working on ways to bring down such a missile system using cyber-attacks, it is not helpful to publish something that is little better than guesswork in publicly available forums such as the Internet or by mainstream journalists.

If America or its allies also find ways of undermining North Korea’s program of building missiles, well, then, that is also something that should stay in the highly-classified domain of intelligence – and out of the public domain. Speculation as to what America just might be able to do is at the very least silly, and at its worst, harmful to national security. Those who speculate are not helping. They should desist immediately.

Churchills’ observations at the end of WWII remain axiomatic. Some things in the highly-classified box need to remain there, despite the efforts of some in the mainstream media to release it into the public domain. In an increasingly wicked world, the very foundations of homeland security that one day may save America and allied lives needs to remain classified.

Dr. Dave Sloggett is a Senior Contributing Editor and an authority on international terrorism with over 42 years of experience in the military and law enforcement sectors working in a variety of roles, specializing in intelligence analysis and human behavior in the context of hybrid and asymmetric warfare. He is an authority on counterterrorism and his work has taken him to Afghanistan, Iraq, the Balkans, West Africa and Northern Ireland where he has studied the problems of insurgencies, terrorism and criminality on the ground, often working closely with NATO. His research work at Oxford University in the United Kingdom focuses on the prevention of acts of terror.

No comments:

Post a Comment