Tag Archives: North Korea

South Korean Cybersecurity: Three Questions

By Brett Young, Research Assistant, American University, DC
Center for Technology and National Security Policy


The mid-April paralysis of the National Agricultural Cooperatives Federation (Nonghyup), South Korea’s fourth-largest retail bank, seemed to be another routine cyber incident in the same vein as recent, high-profile intrusions carried out against Sony (where attacks resulted in the breach of 100 million customers’ personal information) and Hyundai Capital (where hackers demanded a ransom for not releasing stolen information.) Preliminary investigations, however, showed that this was not the work of ordinary hackers. In early May, the Seoul Central District Prosecutor’s Office announced that the culprit was North Korea.

A network breach of the financial systems that underpin a vibrant modern economy, particularly one conducted not by a group of profit-seeking hacker-criminals, but by a sovereign nation-state with hostile intentions, raises a number of questions.

How should this alleged incident impact diplomatic relations with North Korea? After a bloody 2010, this year has seen a North Korean “charm offensive” with an emphasis on improving relations between the two Koreas. The North may be seeking food aid to stave off famine conditions, or may want a more stable situation for the 100th anniversary of Kim Il-Sung’s birthday in 2012. At the negotiating table, President Lee Myung-bak’s default position has been to seek apologies for the deaths of 50 citizens at the hands of the North in 2010. Yet any discussion of the Cheonan corvette sinking or the shelling of Yeonpyeong Island is met with vigorous denials and can lead to immediate termination of any talks by the North.

Nonghyup’s security breach was considerably more than a nuisance; since April 12, the bank has spent over $400 million on measures to prevent the loss of customer confidence. When the South sits down at the table with the North, should Nonghyup be on the agenda? Or is silence (or covert retaliation) best?

The North has shown the ability to change their diplomatic posture overnight; their “charm offensive” posture may not last. When dealing with a regime that specializes in provocation, South Korea needs to define what manner of cyber incidents will be permitted to derail ongoing negotiations.

At the national level, how should South Korea pursue cybersecurity down the road? The security team at Nonghyup ignored financial sector regulations regarding strength of passwords, and internally permitted use of passwords that were deemed too weak to be used by their own customers.

Previous cyber intrusions in the ROK were enabled by the malware spread through popular peer-to-peer (P2P) file-sharing websites. In the past, South Korea has tried to combat cyber intrusions by increasing public awareness through mass and social media. But the economic motivation to use P2P websites—and get goods for free—will remain, despite government campaigns. South Korea can create more vigorous laws regarding network protection, but must do so in a fashion that will not create a counterproductive environment where reluctance to cooperate is the preferred corporate response to a network breach.

Internationally, the Nonghyup case will never end up before the United Nations. Last year’s sinking of the Cheonan resulted in a UN Presidential Statement condemning the attack. But in cyberspace, attribution—being able to directly attribute an intrusion to a source—remains the thorniest in a thicket of issues. North Korea’s involvement has been alleged, not proven—as with two other previous cyber incidents in the South. Some experts and media outlets disagreed, noting that technical evidence cited by the National Police Agency can be manipulated by competent hackers. As a state with one of the highest broadband connectivity rates in the world, South Korea is better off continuing to bolster its defenses: it has both a Cyber Warfare Command and Cyber Terror Response Center, and roughly doubled funding for the former in April. 

Finally, there is the broader question of the gradual increase in cyber intrusions against states, and what states are to do about them. Recent years have seen increasingly brazen network intrusions, threatening state secrets, which costs time and money. Intelligence agencies, military planners, and policymakers are grappling with the question of how exactly to respond to certain types of intrusions—and what, if any, level of a cyber incident would require the answer of a real-world, kinetic response.

An event which broke as this went to press will certainly have the attention of Seoul. The Wall Street Journal reported that the U.S. Department of Defense is soon to release its cybersecurity strategy, possibly containing precedent-setting answers to the question posed above.

All three questions bear close scrutiny not only by South Korean policymakers, but by those interested in shaping policy for effective cybersecurity around the world.

Brett Young is a graduate student at American University’s School of International Service, where he focuses on security studies in East Asia. He is currently researching aspects of cybersecurity for NDU’s Center for Technology and National Security Policy. He previously interned at the Korea Economic Institute in Washington, DC.


Leave a comment

Filed under Regional Studies, Strategic Studies

Is Kim Jong Il Ready to Name a Successor?

By Katherine Walczak, Center for Strategic Research

Kim Jong Il with soldiers

Kim Jong Il

As rumors abound over Kim Jong Il’s failing health, the question as to who will take his place goes unanswered. Believed to have suffered a stroke two years ago, and looking increasing worse when pictured on a recent trip to China, Kim’s health will pose a major concern for North Korea’s future. His deteriorating health was, reportedly, the reason the Workers Party Congress planned for September 15 was postponed, which has been rescheduled for today.

North Korea’s Workers Party Congress has not been held since 1980, where Kim officially accepted his position as the leader of North Korea, meaning this meeting will likely address some important concerns about North Korea’s future. And it is believed that Kim will use this congress to name his son, Kim Jong-un, as his successor.

Kim has three sons, from two different women, all of whom have been considered as possible replacements for their father. Kim’s oldest son, Kim Jong-nam, was the likely choice to be the next leader until he fell from favor in May 2001 after being arrested at the Tokyo International Airport. Kim’s next son, Kim Jong-chul, originally thought to have been Kim’s next choice, has been reportedly overlooked for his younger brother. This leaves the position to Kim’s youngest son, Kim Jong-un.

Very little is known about Kim Jong-un. He’s thought to be 26-28 years old, he may or may not have attended school in Switzerland, and few photos are known to exist of him. Kim Jong-un also might face challenges from his brothers for his position or for positions of power within the government. If Kim Jong-un is chosen, his uncle, Jang Song Taek, will likely take up a regent role to guide the young leader. Kim Jong-un is said to be most like his father in temperament, yet many are unsure whether he will follow in his father’s footsteps as a leader.

North Korea’s future is uncertain, yet there are hopes that today’s Congress will address some of these issues. But even should Kim name a successor, questions still remain over who will be named and what type of leader they will be. Given that the last congress was postponed, there is no guarantee the congress will even be held today. There seem to be plans in the making for the future of North Korea, but these plans are shaky at best, leaving the rest of the world in the dark about what’s to come in North Korea.

Leave a comment

Filed under National Security Reform, Regional Studies, Strategic Studies

Stuntin’ Like My Daddy: Kim Jung-un and the North Korean Succession

by Jennifer Ho, Research Intern to Visiting State Department Fellow, Ms. Ferial Saeed

Kim Jong-il is in ill health and the quest to groom a suitable successor dominates internal politics in the Democratic People’s Republic of Korea. Of his three sons, Kim Jong-il chose the youngest, Kim Jong-un, to be his successor last year. His second son, Kim Jong-chol,  was deemed too “girlish” to rule and perhaps even more embarrassingly, his eldest son, Kim Jong-nam, also known as “Fat Bear,” was also passed over as a result of his great affection for (and a widely-publicized failed attempt to sneak into) Tokyo Disneyland.

Kim Jong-un is said to have a take-charge attitude reminiscent of his father, and though he is a member of parliament who frequently accompanies his father on inspection visits, the transition may not occur smoothly. His succession conflicts with the Confucian traditions espoused by Kim Jong-il which deem the eldest son to be the rightful heir. Additionally, Kim Jong-un’s uncle, Chang Sung-taek, and O Kuk-ryol, two top-level cronies, are caught in their own struggle to attract foreign investment to the DPRK, the results of which may also influence the transition.


From left to right: Kim Jong-nam, Kim Jong-chol, Kim Jong-un

The DPRK’s neighbors approach this leadership succession with apprehension – and rightly so – for it has great bearing on nuclear negotiations and consequently, regional and global security. So will Kim Jong-un assume command as planned – and in similar fashion to his father? How much stability can one expect to see in Northeast Asia upon Kim Jong-il’s passing?

Sit back, put your stunna shades on and hazard a guess.

Leave a comment

Filed under Strategic Studies