The US might not have had much success with cyberattacks against North Korea’s nuclear program , but that apparently hasn’t stopped officials from further efforts… not that they’re having much success. The New York Times has learned that then-President Obama ordered escalated cyberwarfare against North Korea in 2014 a bid to thwart its plans for intercontinental ballistic missiles. However, it’s not clear that this strategy has worked — and there may be problems if it does. The newspaper understands that Obama pushed both intelligence agencies and the military to “pull out all the stops” on cyberwarfare efforts to wreck missiles either before they launch or in the first seconds afterward. While evidence shows that North Korean missiles started floundering at a very high rate (the mid-range Musudan missile has an 88 percent failure rate) soon after, it’s not certain how much of that was due to American efforts versus the inherent riskiness of the missile designs. The US effort “accented the failures, ” according to the Times , but the launch rate has improved lately — and proper intercontinental missile tests might not be far off, if you believe North Korean leader Kim Jong-un. A large part of this comes from the natures of both the country and its missile efforts. North Korea is notoriously isolated from the internet (not to mention computing technology as a whole), and its missile systems are both mobile and shuffled around to confuse enemies. It’s not so simple as slipping malware into the computers at a fixed location, like with the Stuxnet attack against Iran — you need to find out where and when a launch will take place. President Trump hasn’t signaled if or how his administration might change this approach. Everything is still on the table, according to the Times . However, it might not want to press much harder. If a digital campaign is successful, it might give China, Russia and other nuclear-armed nations tacit permission to attack American nuclear launch systems. A belligerent country might be more tempted to launch a nuke if it knows that the US can’t respond in kind. Source: New York Times
See more here:
US hopes cyberattacks will stall North Korea’s missile program
Trailrunner7 quotes a report from On the Wire: A new bill intended to update the Computer Fraud and Abuse Act would allow victims of computer attacks to engage in active defense measures to identify the attacker and disrupt the attack. Proposed by Rep. Tom Graves (R-Ga.), the bill would grant victims of computer intrusions unprecedented rights. Known as the Active Cyber Defense Certainty Act, the legislation seeks to amend the CFAA, the much-maligned 1986 law that is used in most computer crime prosecutions. The proposed legislation includes the caveat that victims can’t take any actions that destroy data on another person’s computer, causes physical injury to someone, or creates a threat to public safety. The concept of active defense has been a controversial one in the security community for several years, with many experts saying the potential downside outweighs any upside. Not to mention that it’s generally illegal. Read more of this story at Slashdot.