Has the United States of America carried out cyber activities to sabotage the missile capabilities of North Korea?
So it seems, at least according to what has already been reported since the month of April in an article by journalists Julian Ryall, Nicola Smith and David Millward appeared on the British The Telegraph. The analysis of what happened was presented in Italy with an interesting article by Angelo Aquaro appeared on La Repubblica the April 29 in which it was indicated as a possible cause of the failed launch the long hand of the American Cyber organization.
Let's get back to what is reported by international newspapers.
In 2014, President Barack Obama called for the American cyber facility to seriously address the issue of North Korean missile launches. The request was supported by the strategy known as “Left of launch”.
This secret strategy, desired by President Obama, aimed at fighting the missile threat by non-kinetic means, that is through the use of electronic warfare or war cyber.
It would involve carrying out pre-emptive attacks against enemy missile capabilities, based on the consideration that these capabilities represent a danger to Americans and allies. Beyond the validity, according to international law, of the concept of "preemptive strike", I am interested in trying to understand how an offense can be launched to undermine the capabilities of a missile system. This is because any nation that possesses a missile system used to protect its national territory could in fact be hit in the same way.
The strategy of the "Left of Launch", so called because the attack can reach the missile system even before the missile is launched, seems to have been developed above all to save money but also because it is considered a valid alternative to counter enemy missile systems in certain areas where the use of classical kinetic systems is considered too risky or inappropriate.
It also seems that since the 2014, the year in which President Obama had authorized the "Left of Launch" strategy, the failure of the North Korean tests has been more and more frequent ...
According to an article by Naveen Goud su Cyber Cybersecurity Insiders, experienced Defense World analyst Lance Gatling highlighted that there is evidence that the failure of the April missile launch was due to some US intervention through cyberspace.
But what does this mean in practice? How is it possible to take preventive action on an opposing missile system, conditioning the success or failure of the missile launch?
Although it is not a novelty, I think it is appropriate some explanation that helps to understand what is the real dimension of cyberspace. Just think of the operation of the Stuxnet and to the effects on the uranium enrichment system of the Iranian power plants that occurred a few years ago.
One could think that a missile platform is a safe weapon system as it is made by friendly countries and not directly connected to the Internet, so difficult to attack through cyberspace, unfortunately I regret having to disappoint these people but we must be realistic: today and today there are no systems or platforms that are really isolated!
As I have already explained in a previous article of mine, there is at most the illusion of security, due to the use of incorrect definitions or the poor understanding of the interconnections existing between systems.
Consider a generic missile system, from open sources it is possible to understand that it is made up of various electronic subsystems that may be subject to malfunctions and failures and which, unfortunately, may be subject to cyber attacks. Among these subsystems the engagement module, which generally performs command and control functions, is perhaps the most vulnerable.
Who insures that replacing a module due to a malfunction does not introduce uncontrolled software into the system?
Probably none. Also because certain checks require specialized skills that only possesses those who create such a system.
But this is not the only problem.
Missile control requires information from other systems such as radar or radar networks, weather control systems, and so on.
Each of these can be a vector used to perform a cyber attack and the worst thing is that probably nobody will notice anything until it's too late!
What should we do?
First of all, we need to expand our knowledge in the sector by investing in staff education and in collaborations with research institutions (academic and industrial) investing in the creation of a strong national capacity of cyber awareness.
Therefore, it is necessary to ensure that critical systems, both military and non-military, are constantly subjected to checks and checks that provide extensive testing of the software used but also controls throughout the supply chain to avoid contamination from the outside as far as possible.
Finally, we need to be aware of the fact that "zero risk" does not exist and behave accordingly, providing alternative systems that employ different technologies in those fields that are believed to be the most critical.
All this means targeted investments and no longer procrastinable in the field of Cyber.
To return to the problem of cyberattack the missile system is thought to have used the supply chain of electronic components to infect the missile platform of North Korea, at least that is what Nick Parker reports in an article of the 17 April on "The Sun" ...
Is there still time to be skeptical?
To learn more:
http://www.telegraph.co.uk/news/2017/04/16/north-korea-makes-unsuccessfu...
http://www.repubblica.it/esteri/2017/04/29/news/corea_del_nord_lancia_mi...
https://www.cybersecurity-insiders.com/north-korea-missile-test-foiled-b...
http://missiledefenseadvocacy.org/alert/3132/
https://www.thesun.co.uk/news/3342396/north-korea-missile-launch-failure...
http://www.news.com.au/technology/online/hacking/north-korea-cyber-attac...
http://www.businessinsider.com/us-hack-north-korea-missile-system-2017-4...
https://www.nytimes.com/2017/03/04/world/asia/north-korea-missile-progra...
