Cyber Warfare - Alleged Failures Of North Korean Missile Launches

“In war, the truth is so precious that it has to be surrounded by a bodyguard of lies” -- Winston Churchill speaking at the end of WWII.

There has been a lot of speculation over the true cause of the many failures of North Korea’s missile tests. Some people are suggesting the Trump Administration is behind the failures by somehow introducing a virus into the missile systems to make them fail.

Such freelance analysis on the Internet is unhelpful, to say the least. It sets hares running. It makes potential enemies more aware of their vulnerabilities, and often closes off avenues that might otherwise have been helpful.

In an era where nothing seems to be a secret anymore, a frenzy of on-line speculation over the range and potential of American cyber-attack capabilities really does not help.

Even if such so-called analysis is intended to create false news stories to bury the original secret in a mountain of lies, it remains dangerous. People who do this are messing with the very foundations of the security of the United States.

It also invites people to retaliate as the potential enemy develops an increasing sense of grievance that they have been publicly humiliated. That often does not go well. Remember what happened to Sony Corporation when they sanctioned the making of the movie, “The Interview”?

North Korea is a state that does not like its leaders to be the subject of mirth and comedy. The leadership in Pyongyang have shown they grasp the idea that revenge is a dish that is best served cold. Their use of cyberspace to attack South Korean banks and other systems illustrates that point rather well.

Stuxnet and its implications for the Iranian nuclear program are clearly at the heart of such on-line guesswork. Because it is alleged, though it has never been publicly confirmed, that America and Israel were behind efforts to delay the Iranian nuclear program using a virus to attack the centrifuges, so-called experts seem to think they can draw parallels with other kinds of failures.

At the heart of Gulf War One, when Scud missiles started to rain down on Israel, they broke up as they re-entered the atmosphere. Iraqi welders, it appears, are not as good as those from North Korea. In the many attacks mounted by the Houthi rebels using Scud missile systems against Saudi Arabia, many have hit their designated targets.

Similarly, Yemeni Scuds, sourced from North Korea, appear to work despite being maintained by people who have little expertise in such missile systems. Like the V2 missiles that were its progenitor at the end of WWII, the Scud is relatively easy to maintain and launch, as North Korea has demonstrated on many occasions. Scuds do not have that many ways of failing. The guidance systems are not that complicated.

Given this, the question is begged: is someone seriously suggesting that a piece of malware could sit in a North Korean missile system and only become active in a missile that is launched in the direction of Japan?

The question of how such a piece of software might arrive in a North Korean missile is one which those speculating need to seriously consider.

In the case of the Stuxnet virus, the attack vectors, the means by which the software was introduced into the Iranian nuclear program, are gradually becoming clear. Those behind the attack, and this is not a confirmation that it was the Americans and Israelis, developed a number of ways of introducing the virus into Iran’s nuclear facilities.

One of the enduring lessons to emerge from that incident, whoever was behind it, is that once a virus exploiting a number of so-called zero-day vulnerabilities has been used, and Stuxnet exploited four, it cannot be put back in the box. Such things are one-time weapons. Once used, they are no longer a secret. They therefore need to be conserved and only used at a time and place when the situation demands. They also require a high degree of risk analysis concerning the ways in which the virus is delivered into the target system.

Having someone walk in the gate, load up the software and walk away may sound nice in Hollywood movie scripts, but the reality is clearly much riskier. Given the North Korean leader’s much-quoted propensity for giving any opposition to his leadership a nasty ending -- remember what happened to his aunt and uncle -- few would take the risk of plugging in software that might be detected. If a virus were to be introduced into the Scud or the telemetry systems that observed its launch, surely Pyongyang would have become aware that such a threat had manifested itself inside one of their systems.

Another example is worth discussing. When North Korea started to supply Syria with a nuclear plant, which started to be built in the Deir ez-Zor area of Syria (an area incidentally now held by ISIS), Israel mounted an attack to neutralize the plant. It was called Operation Orchard. As Israeli aircraft flew into Syrian airspace, a remarkable thing happened. Not one missile from the Russian-built S-300 system delivered to Syria fired. Something had paralysed Syria’s command and control system.

While at the time there was speculation Israel had somehow pulled off a stunning cyber-attack against the S-300 system, rumors also started to circulate over the presence in the package of attack aircraft of an Israeli electronic warfare escort aircraft.

Perhaps it was this aircraft which managed to neutralise the Syrian air defence systems and give the Israeli aircraft an unopposed ingress and egress from Syrian airspace.

But that story is now lost in the sands of time, masked by all sorts of varying accounts, some true and some false, over how the Israelis managed to neutralize the entire Syrian Air Defence system. It certainly caused the Syrians angst. The shock waves of the attack were also felt in Tehran.

At the time, the Iranians had just signed a contract, which was initially embargoed, to purchase the same missile defence system. Imagine how that went down with the mullahs in Tehran. The S-300 was supposed to protect the Iranian nuclear program from just such an attack by Israel. As the sanctions regime against Iran has been relaxed, it has now been able to get hold of the S-300 system and put it into operation.

Fast forward to today and the problems created for NATO by the seriously capable S-400 variant, and the even newer S-500 missile system that has just been introduced into service around Moscow. These are systems that help Russia pursue what is known as an Anti-Access Area Denial (A2AD) approach to missile defense.

Suffice it to say that as far as aircraft are concerned, entering an area protected by one of these modern variants of the Russian surface-to-air missile system inventory is likely to be a life-changing experience for the pilot. These are seriously capable missile systems that, according to open source reporting, can conduct 36 parallel engagements with a very high probability of killing any designated target.

If America, or its allies, are working on ways to bring down such a missile system using cyber-attacks, it is not helpful to publish something that is little better than guesswork in publicly available forums such as the Internet or by mainstream journalists.

If America or its allies also find ways of undermining North Korea’s program of building missiles, well, then, that is also something that should stay in the highly-classified domain of intelligence, and out of the public domain. Speculation as to what America just might be able to do is at the very least silly, and at its worst, harmful to national security. Those who speculate are not helping. They should desist immediately.

Churchill’s observations at the end of WWII remain axiomatic. Some things in the highly-classified box need to remain there, despite the efforts of some in the mainstream media to release it into the public domain.

In an increasingly wicked world, the very foundations of homeland security that one day may save American and allied lives need to remain classified.

HomeLandSecurityToday:
