June 25, 2014 marks the 64th anniversary of the outbreak of the Korean War. Started out as a war by proxy, the Korean War became an epitomical conflict in the Cold War era, showcasing not only the civil war between North Korea and South Korea but also friction and conflict between the great powers, U.S. and U.S.S.R. While the U.S., North Korea, and China have signed an armistice in 1953, North Korea and South Korea are technically at war with each other, which recently has taken an interesting turn in the cyber domain.
On June 25 of last year, the websites of South Korea’s presidential office, ruling party and major media outlets were attacked by hackers. Continued until July 1, 2013, the attacks on the websites of 11 news outlets, 5 government offices, and local chapters of the ruling Saenuri Party, included distributed denial-of-service (DDoS) attacks and resulted in shutdown of 131 internet servers and 69 websites. The South Korean government blamed North Korea for the attacks.
This was not the first time for North Korea to be accused of cyber-attacks on South Korea. In March of the same year, the South Korean government attributed the attacks on six major banks and three TV broadcasters to the North. In fact, North Korea has been accused of conducting over 6,000 cyber-attacks against South Korea in 2010-2013.
The case of North Korean cyber-attacks on South Korea provides us with interesting implications in cross-domain deterrence. First, cyber capability served as a tool for North Korea which complements, rather than substitutes, its capability in the conventional and nuclear domains. In 2010-3, the period in which they were busy with cyber-attacks, they carried on with their nuclear and conventional activities, testing nuclear weapons and long-range missiles. Their aggression in the cyber domain was accompanied – not replaced – by aggression with nuclear and conventional weapons. To North Korea, cyber-attacks were useful for initiating low-intensity conflicts and provoking South Korea.
Second, South Korea’s reliance on the internet and the government’s mismanagement of internet-related activities may lead to a backlash from the public on cyber deterrence. South Korea is one of the countries with the highest internet connectivity in the world. With the population heavily reliant on the internet, North Korean cyber-attacks had not only security and economic ramifications but also an effect on public opinion and political culpability. Having experienced North Korean cyber-attacks and the South Korean government’s alleged internet censorship and inability to prevent repeated theft of personal information, South Koreans are now very suspicious of the South Korean government’s efforts to promote cyber security and to deter North Korean cyber-attacks. Many detect political motives behind the South Korean government’s cyber deterrence and some doubt the government’s ability to deter North Korean cyber-attacks. Moreover, some even refused to believe that North Korea was behind the attacks at all, given cyber war’s anonymity and attribution problem.
Similarly, the U.S. government may face public backlash and suffer public relations costs in cyber deterrence. This is demonstrated by the recent controversy over National Security Agency’s warrantless surveillance program. To the public, there may be a fine line between the U.S. government’s efforts to deter cyber-attacks and signals intelligence operations. It is possible that the public may associate the government’s active cyber deterrence with eavesdropping on the domestic population. While such backlash may not be a security threat, the calculus of cyber deterrence should take account of the possible political ramifications and costs.