US deployed Stuxnet-style attack against North Korea

By on
US deployed Stuxnet-style attack against North Korea

Foiled by low penetration of the internet.

The US reportedly tried and failed to hack North Korea's nuclear weapon program five years ago by deploying a version of the Stuxnet computer virus, according to people familiar with the covert operation.

The campaign began in tandem with the now-famous Stuxnet attack that sabotaged Iran's nuclear program in 2009 and 2010 by destroying a thousand or more centrifuges that were enriching uranium. Reuters and others have reported that the Iran attack was a joint effort by US and Israeli forces.

According to one US intelligence source, Stuxnet's developers produced a related virus that would be activated when it encountered Korean-language settings on an infected machine.

But US agents could not access the core machines that ran Pyongyang's nuclear weapons program, said a former high-ranking intelligence official who was briefed on the program.

The official said the NSA-led campaign was stymied by North Korea's utter secrecy, as well as the extreme isolation of its communications systems. 

North Korea has some of the most isolated communications networks in the world. Just owning a computer requires police permission, and the open internet is unknown except to a tiny elite. The country has one main conduit for internet connections to the outside world, through China.

In contrast, Iranians surfed the net broadly and had interactions with companies from around the globe.

A spokeswoman for the NSA declined to comment. The spy agency has previously declined to comment on the Stuxnet attack against Iran.

The United States has launched many cyber espionage campaigns, but North Korea is only the second country, after Iran, that the NSA is now known to have targeted with software designed to destroy equipment.

Washington has long expressed concerns about Pyongyang's nuclear program, which it says breaches international agreements.

Experts in nuclear programs said there are similarities between North Korea and Iran's operations, and the two countries continue to collaborate on military technology.

Both countries use a system with P-2 centrifuges, obtained by Pakistani nuclear scientist AQ Khan, who is regarded as the father of Islamabad's nuclear bomb, they said.

Like Iran, North Korea probably directs its centrifuges with control software developed by Siemens that runs on Windows, the experts said. Stuxnet took advantage of vulnerabilities in both the Siemens and Microsoft programs.

Because of the overlap between North Korea and Iran's nuclear programs, the NSA would not have had to tinker much with Stuxnet to make it capable of destroying centrifuges in North Korea, if it could be deployed there.

Despite modest differences between the programs, "Stuxnet can deal with both of them. But you still need to get it in," said Olli Heinonen, senior fellow at Harvard University's Belfer Center for Science and International Affairs and former deputy director-general of the International Atomic Energy Agency.

North Korea has been hit with sanctions because of its nuclear and missile tests, moves that Pyongyang sees as an attack on its sovereign right to defend itself.

US Secretary of State John Kerry said last week that Washington and Beijing were discussing imposing further sanctions on North Korea, which he said was "not even close" to taking steps to end its nuclear program.


Got a news tip for our journalists? Share it with us anonymously here.
In Partnership With

Most Read Articles

Log In

Username / Email:
  |  Forgot your password?