Two journalists obtain an exclusive interview with North Korea’s reclusive leader Kim Jong Un, but their mission radically changes when the Central Intelligence Agency sees an opportunity to assassinate the “Glorious Leader” of the Hermit Kingdom. The CIA then enlists the journalists to travel to Pyongyang and take him out.
At least, this is the plot for the upcoming movie with Seth Rogan and James Franco, the lead actors from “Pineapple Express” and “This is the End.” Although it will likely prove hilarious to audiences here at home upon its release, the leader in North Korea isn’t laughing.
Immediately after the trailer for the movie was released in June, a Foreign Ministry spokesman pledged that North Korea would “mercilessly destroy anyone who dares hurt or attack the supreme leadership of the country, even a bit.”
Moreover, Reuters reported that computer nerds in the North Korean military have already gotten revenge by breaching Sony’s computer systems, exposing highly sensitive data online including the Social Security numbers of its 6,000 employees and making available upcoming movies such as Brad Pitt’s “Fury.”
As hilarious as the lead-up to North Korea’s data breach was, it reflects a deeply troubling trend in warfare — the rise of state-sponsored cyber attacks. Make no mistake about it: the dangers inherent in cyberspace are being exploited by states for strategic purposes as well as by thieves who siphon off millions of credit card numbers.
According to a recent report by Internet Security firm Cylance, Iranian hackers have directly attacked and extracted sensitive data from the networks of government agencies and major critical infrastructure companies in 16 countries around the world — including our own.
“Global critical infrastructure organizations need to take this threat seriously. The Iranian adversary is real and they’re coming, if not already here,” said Mark Weatherford, the Former Deputy Under Secretary for Cybersecurity at the U.S. Department of Homeland Security in the report. In Operation Cleaver, Iran went after a litany of targets, including military, oil and gas, energy and utilities, transportation, airlines, airports, hospitals, telecommunications, technology, education, aerospace and foreign governments.
“Iran has rapidly gained near parity with the Chinese, but may be closer to the Russians in terms of swagger,” said Retired Admiral William J. Fallon, the former commander of CENTCOM in the report by Cylance.
However, the U.S., in collaboration with Israel, has also engaged in this revolutionary form of warfare, which it demonstrated remarkably well when it destroyed roughly a fifth of Iran’s nuclear centrifuges by causing them to spin out of control. The Business Insider reported in 2012 that the CIA, along with Israeli intelligence, successfully managed to upload a malware program called Stuxnet through an employee’s flash drive, which severely set back Iran’s nuclear program.
China is playing the game too: The Washington Post reported last month that Chinese government hackers successfully breached the computer networks of the U.S. Postal Service, compromising the confidential data of more than 800,000 employees. Additionally, Chinese military hackers broke into the computer networks of military contracting companies — who help to transport troops and supplies — 20 times in one year, according to the Wall Street Journal.
The Internet security firm FireEye Inc., reported last year that China “has the ability to overwhelm cyber defenses with quantity over quality, just as it did in the Korean War and it might in any other type of conflict.”
Extracting sensitive data from computer networks is not only limited to nation-states, as the colossal retail hack at Target proved last year. Cybercriminals installed malware onto Target’s security and payments system, allowing them to steal the credit card information from all the Christmas shoppers at Target’s 1,797 U.S. stores. At the precise moment when cashiers would scan and bag items, the malware would activate, thereby capturing the shopper’s credit card number.
According to Bloomberg Businessweek, the hackers made off with 40 million credit card numbers. More recently, Home Depot announced in September that 56 million credit card numbers might have been compromised in a similar attack, which makes it the largest retail hack in history.
Clearly, cyber attacks represent a staggering threat to not only military and industrial targets, but also to American consumers.
Adm. Michael S. Rogers, the new head of the National Security Agency and U.S. Cyber Command, testified to the House Select Intelligence Committee last month that a cyber attack on critical U.S. infrastructure — such as water or electrical systems — by a foreign government is likely imminent; according to Adm. Rodgers, “It’s only a matter of when, not if, we are going to see something dramatic.” He added, “This is not theoretical.”
It’s not reassuring either.