Word leaked late Friday that the U.S. secret agencies, likely a group within the NSA’s Tailored Access Operations group, tried to deploy a version of the Stuxnet computer virus to attack North Korea’s nuclear weapons program but the attack was unsuccessful. The attack supposedly took place five years ago, and was originally part of the Stuxnet attack that was used to destroy Iran’s nuclear program.
The now-famous Stuxnet attack damaged over one thousand of Iran’s centrifuges, the key tool used to enrich uranium.
Intelligence sources, speaking on condition of anonymity, reported that Stuxnet’s developers, who were a joint U.S. – Israeli team, produced a related virus that would become active when it detected Korean language on an infected machine.
While the virus did penetrate North Korea’s computer system it was not able to access the core machines running Pyongyang’s nuclear weapons program, One of the sources of the leak is a former high-ranking intelligence official who was briefed on the program.
North Korea’s extreme secrecy and unparalleled isolation from modern communications systems were cited as reasons why the attack failed.
Merely owning a computer requires in North Korea requires police permission, and the open Internet is unknown except to a precious few people. China supplies the country with its single internet connection to the outside world, which actually protects the country somewhat as China is keen to keep its network as closed off as possible as well.
Iran enjoys relatively free internet access and computers and mobile phones are popular and easy to obtain items in the Islamic state.
The North Korean operation is only the second time that the NSA is known to have targeted with software designed to destroy equipment.
Nuclear experts say there are similarities between North Korea and Iran’s nuclear programs, which makes sense given the two countries continue to collaborate on the underlying technology.
Both countries use the same P-2 centrifuges, illicitly obtained when Pakistani nuclear scientist A.Q. Khan, defected to Iran.
Both countries control these centrifuges with software developed by Siemens AG that runs on Microsoft’s Windows operating system. Stuxnet exploited vulnerabilities in both the Siemens and Microsoft packages.
Given the similarities in the programs, it wouldn’t have taken much work to modify Stuxnet to attack both programs.
David Albright, who founded the Institute for Science and International Security and an expert on North Korea’s nuclear activities, thinks U.S. cyber agents probably attempted to infiltrate North Korea’s network by first hacking suppliers from Iran, Pakistan or China and infecting them with the malware.
Stay Connected