Using Cyberattacks To Stop North Korean Nukes Not Easy, Experts Warn

The country’s isolation from the rest of the world makes it difficult for hackers and malware to invade the nuclear program.

Using Cyberattacks To Stop North Korean Nukes Not Easy, Experts Warn
[Source Photos: Flickr users Beryl_snw, and National Museum of the U.S. Navy]

President Trump warned Tuesday that future threats to the United States from North Korea “will be met with fire and fury like the world has never seen.”


The United Nations Security Council voted unanimously this weekend to impose new sanctions on North Korea in an effort to halt that nation’s rapidly expanding nuclear and missile programs. It’s likely that work is being done away from the public eye to hinder North Korea’s nuclear program, including through a Pentagon cyber-sabotage program that, according to a March report in The New York Times, has targeted North Korea’s nuclear testing for more than three years. It’s part of a so-called “left of launch” approach aimed at defending against nuclear strikes before missiles even leave the ground.

But experts tell Fast Company that doing significant cyber damage to North Korea’s nuclear program would likely be quite challenging, owing in part to that country’s digital isolation from the rest of the world.

“Even gathering the kind of intel you need to do a successful cyberattack is tough, because we don’t know what we don’t know,” says Steven Bucci, a visiting fellow at the Heritage Foundation who studies cybersecurity issues.

A digital attack on a nation’s nuclear program would not be unprecedented. The Iranian nuclear program was famously hindered around 2010 by malware known as Stuxnet, widely believed to be developed by U.S. and Israeli forces. The software caused centrifuges used to enrich uranium to malfunction and become damaged, according to numerous reports at the time.

But Iran is a far more open society, with significantly higher use of computers and the internet than North Korea, Bucci says. That means there are fewer ways for U.S. hackers or malware to enter networks that could impact the weapons program, even as North Korea and other countries have likely ramped up defenses in the wake of Stuxnet.

And while it’s possible that the internet wasn’t directly used to infect the devices in Iran—Bucci says it’s believed the machines were “airgapped” from the internet and that “old school tradecraft” was used to trick or bribe someone into introducing malware to the centrifuge network—that kind of attack, too, would be more difficult in North Korea.


“North Korea’s very limited exposure to the outside world, particularly by people who have knowledge of their systems, makes it very difficult,” he says.

Would-be digital attackers looking to do significant damage to the North Korean weapons program would also have to strike more sites than the Stuxnet creators, who primarily targeted one enrichment facility in Iran. Hampering one or two facilities likely wouldn’t be enough to prevent North Korea from launching an attack.

“What we see in North Korea is that the program is actually fairly diversified in terms of weaponry that can be launched from different launch sites around the country,” says Tim Maurer, co-director of the Cyber Policy Initiative at the Carnegie Endowment for International Peace. “All of this makes the use of offensive cyber operations more difficult to accomplish the military objective.”

It’s also unclear whether, at this stage in the development of the weapons program, a Stuxnet-style attack would be effective at stopping development from moving forward. North Korea is further along in its nuclear program than Iran was at the time of Stuxnet. The country has already tested intercontinental ballistic missiles, and it is believed to have developed a nuclear warhead compatible with them.

“It can be very difficult to say whether a substantial delay would be possible or whether the horse has already left the barn,” says Benjamin Buchanan, a postdoctoral fellow at Harvard University’s Belfer Center for Science and International Affairs and the author of The Cybersecurity Dilemma.

North Korea might also have the capacity to simply work around parts or software hobbled by malware and hacks, even if they don’t realize why they’re not working properly, suggests Chris Finan, a White House cybersecurity aide in the Obama administration.


“Given enough tests, given enough launches, as the North Koreans work out the kinks, they can weed out those ineffective parts,” says Finan, who is now CEO and cofounder of security startup Manifold Technology.

About the author

Steven Melendez is an independent journalist living in New Orleans.