U.S. forces practice cyberattacks to counter North Korean threat
(Bloomberg) -- U.S. forces in South Korea and the Pacific are honing their capability to conduct offensive cyber operations, according to the Pentagon’s testing office, a sign digital warfare is taking on added significance as a potential weapon against North Korea.
Robert Behler, the Defense Department’s director of operational testing, said in a report to Congress this week that his office is working with U.S. and South Korean forces “to develop a cyber-range environment” where they “may be able to train as a coalition force on matters of critical importance to operations in a cyber domain.”
Most attention on U.S. military options against North Korea ruler Kim Jong Un and his nuclear weapons program has focused on aerial attacks, special operations raids or, in the most extreme case, tactical nuclear weapons. But in the testing office’s annual report, Behler said U.S. forces requested its help in assessing their offensive cyber planning and execution during three exercises last year.
“The commandant commanders are maturing their operational processes for targeting and employing offensive cyber capabilities,” Behler said in a section of the report on major weapons programs devoted to cybersecurity.
The testing office reviewed how commanders synchronized cyber weapons with conventional methods of attack and maneuver and integrated intelligence support. The report said the office “made recommendations to improve their critical procedures.”
Despite its economic and political isolation from a series of United Nations sanctions, North Korea has proven itself capable of deploying sophisticated cyberattacks. A North Korean hacking group associated with a theft of data at Sony Pictures Entertainment in 2014 is believed to be behind attacks on South Korean cryptocurrency users and exchanges that took place late last year, U.S.-based researchers said.
The nonpartisan Congressional Research Services said in an report in August that North Korea is believed to operate an offensive cyber program that has “the potential not only to disrupt international commerce, but to direct resources to its clandestine weapons and delivery system programs, potentially enhancing its ability to evade international sanctions.”
Software and cyber are “my No. 1 focus right now,” Behler, who took office in December said in an interview before the report’s release.
‘Computer With Wings’
"The challenge is all of our weapons systems are not enabled by software -- they are defined by software,” Behler said. “If I look at the F-35, I see a big computer with wings on it, and what makes it work is” the eight million lines of code on each of the fighter jets, he said.
“The more software you have, the more complexity” and the danger of being hacked, he said. “We have to figure out how to test these very, very complex systems end-to-end,” detect vulnerabilities and patch them, he said.
“People don’t like to talk about software because it’s mystifying,” said Behler, a former Air Force SR-71 test pilot, commander and recently the chief operating officer of the Carnegie Mellon Software Engineering Institute. “We have to to demystify this,” he said.
His report indicated there’s been improvement. Pentagon “red teams” trying to crack into systems during exercises “consistently commented on the improved network defenses due to improved patching,” the report found.
But “almost every assessment and test demonstrated that DoD network defenses still contain exploitable problems,” it said. Once hackers gained entry to a network “they were able to maneuver undetected” and “exploit trust relationships and systems connected to the network.”