Category All Things DC

When will North Korea collapse?

Will North Korea collapse? When will it collapse? Questions North Korea researchers hear all the time, and given a recent boost after comments from President Obama mentioned Pyongyang’s collapse, followed quickly by an article and mea culpa from well-known, long-time Korea specialist Aidan Foster-Carter. Foster-Carter’s article lays out the general lines of the debate, ‘collapsism’, and 20+ years of poor policy choices by the U.S. and other governments based on the idea that “the North is going to collapse … any day now … Any. Day. Now.”

Plenty of Korea specialists have taken a stab at this parlor game of predicting Pyongyang’s fall: Foster-Carter, per above; Victor Cha, current Georgetown professor and former Director for Asian Affairs at the NSC in his 2012 book; economic specialists (e.g. Haggard and Noland). Intelligence analysts and foreign policy specialists have filled entire servers (and before that, file cabinets) with studies on when the North will collapse. Here’s one from the CIA circa 1997/98 (also here) that featured a majority of Korea specialists convened by Langley doubting the regime could last another five years (we’re coming up on 20).

Not to begrudge anyone their game, but what’s the point?

Share

Book Review of ‘The Real North Korea: Life and Politics in the Failed Stalinist Utopia’ by Andrei Lankov

[Book Review] Lankov is one of the world’s top North Korea specialists, publishing in English or Korean, and has the rare benefit of speaking the language and having spent time studying in the North. While getting time on the ground in North Korea can be difficult, too few ‘experts’ have spent much time in either of the Koreas, or even bothered to learn the language – problems readily apparent when talking to many U.S. military, intel agency, or other denizens of government assigned to Korea issues. Given 60+ years of failure to achieve U.S. goals when it comes to the North, maybe it’s time to try learning from folks like Lankov.

The book opens with a history of the North and the ruling Kim family that builds the framework for later chapters explaining why Pyongyang makes the decisions it does (hint: it’s not cause they’re crazy). A couple of quotes that relate to the point:

“The North Korean leaders do not want reforms [AKA more trade/interaction with the outside world, as the U.S. State Dept. is forever trying to foster] because they realize that in the specific conditions produced by the division of their country, such reforms are potentially destabilizing and, if judged from the ruling elite’s point of view, constitute the surest way of political (and, perhaps, physical) suicide.” [Hardcover edition, pg. 112]. The North Korean elite “would be happy to see a North Korean economic boom – as long as they are not going to enjoy this wonderful picture through the window gate of their cell.” [Pg. 118].

The last third of the book focuses on the future and what outsiders could do to foster change inside the North, or at least reduce tensions and enhance regional stability in NE Asia. Here, like other North Korea specialists (many outside of government), Lankov outlines the important role information can play in pressuring the North Korean regime. Ironically, this overlaps with the semi-idiotic movie ‘The Interview’ and the fear and anger it engendered in the North – military and physical threats are not the key, discrediting the leadership in the eyes of the North Korean populace is the key. In Lankov’s words:

Share

Brief History of North Korean Cyber Attacks

Is North Korea, widely viewed in the outside world as equal parts backward and crazy, even capable of conducting a cyber attack?

Yes.

Prior to the cyber attack on Sony, widely though not entirely thought to be the work of North Korea, the North has been blamed for successful cyber attacks on South Korean media companies, military and government networks, banks, and universities. Some of the first attacks blamed on the North occurred in 2009 and the South has regularly blamed the North for cyber attacks since, with Korean and international analysts noting both similar tactics and the attacks’ growing technical sophistication.

While North Korean decision-making may appear opaque and often outlandish to outside observers, this does not mean the country lacks technical skill, as evidenced by its successful nuclear and ballistic missile programs. The North’s technology has even attracted an international following, most notably from Iran.

In 2012, Iran and North Korea signed a framework agreement on technology sharing that formalized ongoing IT, nuclear, and other tech-related cooperative development efforts. This cooperation has increased Iran’s cyber capabilities, exhibited most clearly by an October 2012 cyber attack on Saudi Arabia’s Aramco Oil. By 2013, experts had begun to note technical and tactical similarities in attacks separately attributed to Iran and North Korea, including a series of disruptive attacks that led major U.S. banks to request help from the NSA. Related writings on Iranian attacks can be found here.

Share

North Korea’s Sony Cyber Attack: North Korea 1 … Sony 0 … Free Speech 0 … U.S. 0

With the dual announcements that Sony is canceling ‘The Interview’ and the U.S. believes North Korea is behind the cyber attack on Sony that led to the movie’s cancellation, we all just got to witness a textbook case of successful cyber and psychological operations. Ironically, the success came from a country commonly viewed as a technology backwater – North Korea.

Since information on the movie first started to appear, the North has made it very clear that it objected to the movie, especially the purported assassination of its leader. As production finished and the release date neared, with no sign of the movie being cancelled, the North apparently decided to try options aside from public objections.

Military, diplomatic, and economic options likely offered limited ability to get the movie canceled, especially when compared to cyber options – a skillset the North has been honing for years. Step one would be to get inside Sony’s systems, step two would be to steal or destroy the movie. Failing that, psychological operations (what the U.S. military calls ‘information operations’) came into play. By releasing the most salacious information gained during the attack, the hackers were able to gain massive amounts of media coverage.

Share

North Korea and Iran – cyber power BFFs?

UPDATE (22 FEB 2015): New story from longtime Korea-watcher Donald Kirk on how Iran’s ties to North Korea may hamper any DC-Tehran nuclear deal.

NK-IRAN-US

UPDATE (18 DEC): The U.S. has reportedly concluded that North Korea was responsible for the cyber attack on Sony. The report goes on to mention an Iranian – North Korean connection, based on similar techniques used in the Sony attack and previous attacks in South Korea and Saudi Arabia. No word yet on a decision regarding response measures, if any.

Since the signing of a 2012 pact on IT research cooperation between Iran and North Korea, there have been a series of reports on cyber activities and attacks conducted by the two nations. This year alone we have a cyber attack on the Sands Casino in Las Vegas (widely attributed to Iran), an attack on Sony that’s still making headlines (widely attributed to North Korea), and a report last week from a leading cyber security firm highlighting Iranian advances in cyber capabilities likely developed in conjunction with North Korea.

Prior to Sony (if indeed that attack was carried out by the North), Pyongyang had been blamed for a series of attacks on South Korean banking, media, and other websites. In one attack, targeting Nonghyup, the agricultural bank, 30 million customers spent days locked out of their accounts.

In 2012, Iran was blamed for a series of attacks targeting U.S. banks and financial institutions. While damage was limited, the banks involved did eventually turn to the NSA for help. Much of the reporting on Iran has highlighted Iranian attention to the cyber domain in the wake of the successful/disastrous (depending on your point of view) Stuxnet attack on Iran’s nuclear program. This attack awakened the regime to both the dangers and opportunities of the cyber domain, and Iran has been rapidly working to expand its capabilities ever since – including the 2012 agreement with North Korea mentioned above.

Share

Confront and Conceal: Obama’s Secret Wars and Surprising Use of American Power

[Book Review] The author, David Sanger, appears to have better access to classified information than most gov’t intel analysts; he certainly has better access to policy makers and strategists. The coverage of cyber operations, especially Stuxnet and Olympic Games, is the most powerful and revealing section of the book – given that Sanger was at the forefront of breaking these stories in the media, hardly a surprise.

The book, with its insider, high-level accounts of foreign policy strategy and operations covering much of Obama’s first term, practically puts you in the White House, but, perhaps inadvertently, it also serves as a reminder of the large gap between high level policymakers and low-level analysis/analysts. Specifically, as a former Asia analyst for the Joint Chiefs, it reminded me that academics and the media, even with only limited access to (formerly) classified information, are often better at predicting and spotting new, unexpected trends than those buried deep within government. So much intel analysis focuses on dealing with our software systems, building collections databases, and making link diagrams – all useful at a mechanical, tactical level – that the focus can narrow and turn reactive, missing broader, strategic level developments often apparent to those on the ground overseas … ala some members of the media, academia, and expat business folks.

While not an explicit message of Sanger’s book, which focuses much of its attention on how Obama’s team handled its foreign policy “inheritance” from the Bush era wars, the gap between inside intel and outside reporting becomes an easy takeaway.

Share

North-South tensions on the Korean peninsula – indicators for the future

UPDATE (3 April): The North closed entry to Kaesong today for South Koreans, but allowed those present in the complex to either remain in the North or head home to the South. Citing business and production concerns, only 33 of 446 South Korean workers in the complex actually came South, with the rest remaining behind to tend to their work or business interests. Posing the somewhat interesting question – given a choice, would you elect to stay in North Korea right now for your employer or business?

Previous closures have been short-lived, with few repercussions for those remaining behind, those who left, or the businesses located in the zone. Time will tell if this closure ends the same. Either way however, today’s closure signals a further heightening of tensions and worsening of inter-Korean relations.

UPDATE (1 April): The North actually threatened to close the Kaesong complex over the weekend, but most doubt they will follow through on the threat. If the North’s leadership is under the illusion that shutting the facility will hurt the South worse than the North they might be tempted, but short of that level of cluelessness, the North is unlikely to close such a prime hard currency source.

UPDATE (28 March): Reuters catching on to the idea of Kaesong as an indicator of the true level of tension on the Korean peninsula: Despite threats, North Korea keeps border factories open.

Every time tensions rise on the Korean peninsula, people start asking what’s going to happen next. Is there going to be a war? Will tensions cool? Will the North conduct an additional rocket or nuke test? Will there be another cyberattack or similar provocation? While no one outside of the North’s inner circle (now including Dennis Rodman?) can say for sure, there are a few indicators.

One I’ve discussed before is the status of the joint North-South economic development zone in Kaesong, just north of the DMZ. If the North suddenly closes the zone, or takes as hostages any South Koreans remaining in the zone, then that’s obviously not a good sign. Similarly, if the South orders its people out of Kaesong and forbids more to enter, that’s an indicator the South is expecting the situation to worsen, or is planning a response to a Northern provocation. South Korea’s president mentioned her concern about the North taking hostages at a meeting just this morning, indicating high-level concern over the issue in the South, but no plans to recall its citizens.

Other indicators, aside from updated imagery showing North Korean troop movements, include the North shutting down or greatly restricting access to its relatively new domestic cellphone service. I also detailed this indictor previously, calling any curtailment in service a sign the North was cracking down on or attempting to prevent internal dissent, or was suddenly concerned about a new threat.

More stories about South Korean military and defense officials spending their time playing golf instead of monitoring developments indicate the South’s level of concern over a possible provocation. While reports of more North Korean deserters, especially among frontline troops near the DMZ, show both military weariness and loss of capability for a conventional strike in the North.

Finally, the South raised its ‘cyber alert level’ on 12 February in response to North Korea’s most recent nuclear test. A further increase, or reduction, in this level is also a sign of where the South believes the situation is heading.

Hopefully, amid all of the fuss, bluff, and thunder on the peninsula, these indicators prove useful for predicting the course of future events in Korea, whether war, nothing more than talk, a conventional Northern provocation, or another Northern cyberattack on the South.

Share

North Korea conducts third nuclear test: two alternate response proposals

It appears the North is doing exactly what it said it was going to do – become a nuclear state, then, like every other nuclear state before it, develop a weapon small enough to fit atop a missile. This should be no surprise, the North’s takeaway from the war in Iraq was that it needed nukes to ensure its security; it literally mocked Qaddafi for being tricked into giving up his pursuit of nukes:

“The present Libyan crisis teaches the international community a serious lesson. It was fully exposed before the world that ‘Libya’s nuclear dismantlement’ much touted by the U.S. in the past turned out to be a mode of aggression whereby the latter coaxed the former […] to disarm itself and then swallowed it up by force. It proved once again the truth of history that peace can be preserved only when one builds up one’s own strength.” [KCNA website, 24 March 2011].

The idea that additional UN sanctions, much discussed in today’s reporting, will push North Korea from this path is delusory. This is a country that is already one of the most sanctioned on earth and operates under an ideology of self-reliance so stringent it views international trade as a weakness. Expecting anything different from additional sanctions brings to mind the old saw about doing the same thing over and over again and expecting a different result.

Share

South accuses North of cyberattacks; Pyongyang relying less on spies, more on cyber?

The South officially accused the North today of launching a cyberattack against the JoongAng Ilbo, a conservative daily in the South. More interesting is what the South’s investigation also discovered – since 2009, the North’s cyber attacks on the South (targeting banks, elections, universities, and other organizations) have used the same China-based IP address owned by North Korea’s Ministry of Post and Telecommunications.

Share

Kaesong and the North’s cellphone network – two indicators of conditions on the peninsula

UPDATE (8 Feb.) – Earlier this week, South Korea announced a possible increase in inspections of goods headed into Kaesong based on tightened UN sanctions of North Korea (due to the December rocket test). North Korea, in it’s typical calm, understated fashion, threatened to return the entire industrial complex to a military zone due to the provocations from the South’s “puppet Ministry” in charge of the inspections. By Friday, South Korea had backed down, announcing that the “government does not consider the Gaeseong Industrial Complex as a means of sanctions against North Korea.” The North’s reaction and the South’s move to calm the issue, all in less than a week, show both the importance and sensitivity to Kaesong in both countries.

In a previous column on heightened tensions between North and South Korea over the sinking of the Cheonan, a South Korean naval ship, and the North’s shelling of the South’s Yeonpyeong Island, I highlighted Kaesong as a key indicator. If the joint North-South industrial complex at Kaesong remained open, tensions were not that serious and would soon ease. If the South withdrew its people from the complex however, that would indicate relations were about to get much worse, including a possible retaliatory strike by the South on the North.

As we now know, conditions in the complex remained largely the same and tensions on the peninsula soon cooled.

With the upcoming rocket launch by the North, Kaesong remains a good indicator of actual relations between the two countries. Post-launch, if operations in the complex remain normal, then relations will soon return to an even keel. However, any withdrawal by the South, or expulsion by the North, indicate a much greater risk of instability and/or provocative actions.

Share