US Tried to Launch Stuxnet Attack Against North Korea and Failed
This report is not really surprising because infecting North Korea’s nuclear program with a Stuxnet like virus would be far more challenging than Iran. Reportedly the US and Israel were able to infect the Iranians’ nuclear program with the virus despite it being on a closed Intranet. They did this by infecting a worker’s USB thumb drive with the virus who then plugged it into a computer within the intranet. With Iran being a more open society it would be easier to place intelligence assets within the country to pull off such an attack. In North Korea it would be much more difficult due to the closed nature of their society where most people are not even free to move about the country without an official permit much less get close enough to a nuclear facility to identify ways to infect their systems:
,
The United States tried to deploy a version of the Stuxnet computer virus to attack North Korea’s nuclear weapons program five years ago but ultimately failed, according to people familiar with the covert campaign.
The operation began in tandem with the now-famous Stuxnet attack that sabotaged Iran’s nuclear program in 2009 and 2010 by destroying a thousand or more centrifuges that were enriching uranium. Reuters and others have reported that the Iran attack was a joint effort by U.S. and Israeli forces.
According to one U.S. intelligence source, Stuxnet’s developers produced a related virus that would be activated when it encountered Korean-language settings on an infected machine.
But U.S. agents could not access the core machines that ran Pyongyang’s nuclear weapons program, said another source, a former high-ranking intelligence official who was briefed on the program.
The official said the National Security Agency-led campaign was stymied by North Korea’s utter secrecy, as well as the extreme isolation of its communications systems. A third source, also previously with U.S. intelligence, said he had heard about the failed cyber attack but did not know details.
North Korea has some of the most isolated communications networks in the world. Just owning a computer requires police permission, and the open Internet is unknown except to a tiny elite. The country has one main conduit for Internet connections to the outside world, through China. [Reuters via a reader tip]
You can read more at the link, but I am sure the North Koreans are smart enough to not be using USB thumb drives thus meaning their systems are likely only vulnerable to an insider attack.
