- The Foundry: Conservative Policy News Blog from The Heritage Foundation - http://blog.heritage.org -
North Korea Ups the Ante with Cyber Attack
Posted By David Inserra On March 21, 2013 @ 3:30 pm In Security | Comments Disabled
On Tuesday, several South Korean banks and television broadcasters were taken offline due to a “pretty massive ” cyber attack. For the most part these attacks were just a nuisance, temporarily cutting off online access to bank accounts and freezing TV station computers, though not interfering with any broadcasts.
Most signs point to North Korea as the culprit, as tensions on the peninsula remain high following North Korea’s nuclear weapon and missile  tests and bellicose rhetoric . China may have also been involved, as the attacks originated there , though hackers often reroute their attacks to make them difficult to trace. As cyber capabilities become more widely available, the U.S. and its allies must be more prepared to face cyber attacks.
Indeed, this is not the first time that North Korea has been implicated in attacks on South Korea or the U.S. In 2011, North Korea was the likely aggressor in a disruptive 10-day attack on Korean government websites and U.S. military forces in Korea, aptly named “10 Days of Rain .” In 2009, North Korea is thought to have gotten its hands on U.S.–South Korean defense plans  through an unsecured USB thumb drive. Together with other suspected hacks, it is clear that North Korea is more than willing to make good on its threats through the Internet.
And North Korea is not alone. Iran  is another isolated state that has shown an interest in using cyber weapons against its enemies. Just ask Saudi Arabia’s Aramco, the world’s largest state-owned oil exporter, who had to replace 55,000 computers  after an Iranian virus known as “Shamoon” spread like wildfire through its network. While not a very sophisticated virus, Shamoon just goes to show that an enemy can make up for skill with dedication and malicious intent.
Of course, nations like China and Russia have both the dedication and the cyber skills. Indeed, these bad actors have been busily stealing U.S. military and economic secrets for at least a decade. In China’s case, many of these attacks are state-led endeavors , while the Russians prefer to work indirectly with Russian criminal organizations . Regardless of the origin, the U.S. loses as much as $250 billion a year  in lost intellectual property due to cyber espionage. This must change.
The U.S. should carefully consider these threats when preparing cybersecurity legislation. Thankfully, the House  and Senate  have held numerous hearings on cybersecurity in the past two weeks. Cyber threats from China, Iran, North Korea, Russia, or elsewhere are constantly changing and the U.S. must be prepared with flexible and dynamic solutions to cybersecurity. Regulations would only play into North Korea’s hand by hamstringing  our businesses and innovators.
Instead of embracing slow-moving and costly regulations, the U.S. should embrace a solution that is as dynamic  as the Internet itself. Sharing information  on cyber threats and vulnerabilities is a good place to start and something Congress should consider as it moves forward with cybersecurity legislation.
Article printed from The Foundry: Conservative Policy News Blog from The Heritage Foundation: http://blog.heritage.org
URL to article: http://blog.heritage.org/2013/03/21/north-korea-ups-the-ante-with-cyber-attack/
URLs in this post:
 Image: http://blog.heritage.org/wp-content/uploads/Kim-Jong-Un-undated.jpg
 pretty massive: http://mobile.reuters.com/article/idUSBRE92J06F20130320?irpc=932
 nuclear weapon and missile: http://www.heritage.org/research/reports/2013/01/north-korea-nuclear-test-time-for-us-and-un-to-get-serious-on-sanctions
 bellicose rhetoric: http://blog.heritage.org/2013/03/07/north-korea-threatens-nuclear-strike-on-u-s/
 originated there: http://www.cbsnews.com/8301-202_162-57575506/n-korea-suspected-in-cyberattack-on-s-korea-despite-china-link/
 10 Days of Rain: http://blogs.mcafee.com/wp-content/uploads/2011/07/McAfee-Labs-10-Days-of-Rain-July-2011.pdf
 defense plans: http://www.guardian.co.uk/world/2009/dec/18/north-south-korea-hackers
 Iran: http://blog.heritage.org/2012/09/24/iranians-may-be-doling-out-payback-for-u-s-sanctions/
 replace 55,000 computers: http://www.nytimes.com/2012/10/24/business/global/cyberattack-on-saudi-oil-firm-disquiets-us.html?pagewanted=all
 state-led endeavors: https://www.mandiant.com/news/release/mandiant-releases-report-exposing-one-of-chinas-cyber-espionage-groups
 criminal organizations: http://www.washingtonpost.com/wp-dyn/content/article/2007/10/12/AR2007101202461.html
 250 billion a year: http://www.symantec.com/connect/blogs/putting-face-intellectual-property-theft
 House: http://homeland.house.gov/hearing/subcommittee-hearing-cyber-threats-china-russia-and-iran-protecting-american-critical
 Senate: http://www.intelligence.senate.gov/hearings.cfm?hearingId=ca26be28b030263ca445f6b117445d1f
 hamstringing: http://www.heritage.org/research/reports/2012/06/cybersecurity-and-red-tape-more-regulations-not-the-answer
 as dynamic: http://www.heritage.org/research/reports/2012/07/securing-us-computer-networks-with-secure-it
 Sharing information: http://www.heritage.org/research/reports/2012/01/rogers-ruppersberger-bill-a-solid-cybersecurity-approach
Copyright © 2011 The Heritage Foundation. All rights reserved.