17 March 2026

Active Cyber Defense in the Korean Context

James Andrew Lewis

The Republic of Korea (ROK) faces a uniquely volatile situation in defending its networks, data, and digital infrastructure. Nuclear-armed North Korea (DPRK), unlike other leading state cyberattackers such as Russia, China, and Iran, poses a direct military threat to the ROK and makes use of missile launches, artillery fire, and (in the past) naval activity to threaten, warn, and manipulate ROK and global opinion. To take one example among many, in January 2024, Kim Yo-jong, the sister of North Korean Supreme Leader Kim Jong-un, threatened an “immediate military strike” against South Korea in response to any “slight provocation.” While there is a considerable degree of bluster in statements like these, the risk of taking retaliatory action against the DPRK is higher than in any other cyber conflict. This shapes any calculation of active cyber defense, defined as taking action against opponents rather than relying on attempts to deny them access to networks and data.

The international landscape for cyber defense is complicated, as all major cyberattackers are currently insulated from punitive responses—particularly from democracies, given their fear of escalation. For the ROK, however, cyber defense against the DPRK adds the risk of armed conflict—unconventional, conventional, even nuclear—to the equation. This risk should not be exaggerated, but it means that although the ROK needs a general cybersecurity strategy focused on resilience, it must also have a strategy specific to the DPRK based on active defense.
