In the face of increasing threats posed by network intrusions, South Korea is moving to siginificantly bolster its national cybersecurity posture.
Of particular concern are the continued assaults on critical systems by way of asymmetrical tactics being attributed to North Korean operatives, some of whom may be working with or from within China.
"All core systems at nuclear power plants, traffic control centers, water and energy supply facilities, and other core state institutions are controlled by computer systems. A cyber terror (attack) on them, thus, could bring tremendously serious consequences to our society. So, this is not just a military issue. This involves all of our citizens. We all should pay attention to the new threat and raise our awareness of it" said the head of the North Korean Intellectual Solidarity, Kim Heung-kwang.
Many security experts point out the difficulty involved in accurate attribution. Proxies, routing tricks, compromised machines, and spoofed IP addresses can be easily coordinated to give the appearance that an attack is originating far from the actual source.
In many cases, it is nearly impossible to clearly determine the origin of an attack, and even more difficult to ascertain if the event was state-sponsored or instigated by individual actors, a fact North Korea and other potential adversaries are well aware of and may use as an operational advantage.
"To the North, it is attractive to develop cyber capabilities as it does not cost much money to establish and maintain cyber units. Another reason is it is very difficult to trace down the origin of cyber attacks, which can be a good excuse when it is blamed for any cyber attack," Kim continued.
Much like their Western counterparts and China, South Korean officials now recognize cyberspace as a unique theater of operations, and are shifting focus to include the cyber domain in the development of subsequent military and defense strategies.
"While focusing on three major warfare domains, which are ground, air and sea, we have paid a relatively little attention to the newly added domains of space and cyber space. We have so far stressed joint interoperability among the three domains. But we now need to establish a multi-faceted strategy that can deal with all five domains together with a balanced emphasis on each," said Korea Research Institute for Strategy's Kwon Tae-young.
As former National Security Advisor Richard A. Clarke pointed out in his book “Cyber War: The Next Threat to National Security and What to do about It”, North Korea - while being one of the least "connected" nations, also displays one of the most sophisticated cyber offensive capabilities.
This combination makes North Korea a formidable opponent, while making effective retaliatory counter attacks a much more difficult proposition.
"South Korea's dependency on computerized networks to gather and share information is very high, which is our strength, but at the same time, our weakness as it could be the target of cyber terrorism. North Korea is not vulnerable to cyber terrorism as its level of so-called 'informatization' is very low. That is part of the reason why the North is engrossed into developing cyber strategies," Kwon noted.
South Korea is already engaged in plans to bolster their cyber defense forces and confirmed plans to expand their military's cyber command arsenal.
"We have drawn up plans to strengthen the cyber command to respond to newly emerged security challenges such as cyber warfare and cyber terrorism... we will also seek to drastically increase its staff. Taking into account the entire military staff, we are considering doubling the current staff number of around 500," an unnamed South Korean official stated.