Cyber Warfare, Asymmetric Advantage, and Limiting Factors

According to the BBC, the DPRK successfully hacked the Republic of Korea’s Ministry of Defense. The stolen material includes contingency plans developed with the US.

Hackers from North Korea are reported to have stolen a large cache of military documents from South Korea, including a plan to assassinate North Korea’s leader Kim Jong-un.

Rhee Cheol-hee, a South Korean lawmaker, said the information was from his country’s defence ministry.

The compromised documents include wartime contingency plans drawn up by the US and South Korea.

They also include reports to the allies’ senior commanders.

The South Korean defence ministry has so far refused to comment about the allegation.

Plans for the South’s special forces were reportedly accessed, along with information on significant power plants and military facilities in the South.

This type of cyber warfare, specifically an act of espionage in the cyber domain, provides the DPRK with an asymmetric informational advantage. This advantage creates a limiting factor for the ROK, the US, and their allies in attempting to deter the DPRK’s actions and activities. A limiting factor is defined in Joint Publication 1-2/Department of Defense Dictionary of Military and Associated Terms as:

A factor or condition that, either temporarily or permanently, impedes mission accomplishment. (from Joint Publication 5-0/Joint Operational Planning)

If the reports about this hack are correct, the US’s military options, which were already constrained by the physical and human geography of the Korean peninsula, have now been further narrowed by enemy action. While US military planning is continuously updated, with plans and sequels adjusted as needed, the plans are usually based on a consensus understanding of the potential operating environment. This includes an understanding of the challenges and opportunities that arise from everything from politics to infrastructure to the geography of where the US may have to deploy military forces. What the DOD planners will now have to do is go back and review the consensus that the contingency plans were based on, to determine whether they have the operational space to develop new plans for the same potential operating environment that both achieve the same strategic effects and are different enough to neutralize the asymmetric information advantage that the DPRK now has.

59 replies
  1. 1
    Corner Stone says:

    While I understand this is serious, did we really have any “contingency” plans in place with Trump as CinC?

  2. 2
    Adam L Silverman says:

    @Corner Stone: Yes.

  3. 3
    gene108 says:

    How come we can’t hack other countries like Russia or North Korea? WTF is the NSA doing with the billions it gets every year?

  4. 4
    Corner Stone says:

    Your SecState calls you a fucking moron. The Chairman of the Senate FRC almost flatly states you have dementia and have no understanding what your actions are leading to. Not one R Senator has contradicted Corker so far.
    Who do we believe is going to be able to discuss the nuance involved with contingency planning with Trump?
    “Where’s that shiny red button?”

  5. 5
    raven says:

    “The hack took place in September last year.”

  6. 6
    raven says:

    @gene108: So you figure if and when we do it would be a good idea to publicize it?

  7. 7
    SiubhanDuinne says:

    I heard that hacking story through my fog of sleep at 5:00 this morning (my NPR station airs BBC at that hour) but went back to sleep and forgot about it. Is anyone apart from the Beeb reporting this?

    On an unrelated topic I’ve been thinking about:

    One of the things I most detest about the Trumpies is that they can’t do anything — propose legislation, impose new regulations, roll back existing regulations, sign Executive Orders, put out rulings — without taking some kind of gratuitous swipe at the Obama Administration. There always has to be some nasty comment about how horrible it’s been (whatever “it” is) for the past eight years, or how short-sighted and harmful the policies of the previous president were, or how we’re going to correct this awful injustice perpetrated by Obama.

    The latest (though surely not the last) example is EPA’s Pruitt earlier today announcing his proposal to repeal curbs on greenhouse gas emissions from existing (coal-fired) power plants.

    “We are committed to righting the wrongs of the Obama administration by cleaning the regulatory slate,” Pruitt said.

    These people wound this country at every turn, and then insist on rubbing salt into every one of those wounds by slamming Obama. They do it with glee. They are sadistic in their enjoyment.

  8. 8
    Adam L Silverman says:

    @gene108: Who says we can’t and/or don’t?

  9. 9
    Bex says:

    OT, but what is the U.S. military doing in Niger? Just heard about the two Green Berets and two support personnel killed there last week. Two other support people were injured and recovering in Germany.

  10. 10
    rikyrah says:

    @Corner Stone:

    Your SecState calls you a fucking moron. The Chairman of the Senate FRC almost flatly states you have dementia and have no understanding what your actions are leading to. Not one R Senator has contradicted Corker so far.
    Who do we believe is going to be able to discuss the nuance involved with contingency planning with Trump?
    “Where’s that shiny red button?”

    I hear you.

  11. 11
    rikyrah says:

    @Bex:

    OT, but what is the U.S. military doing in Niger? Just heard about the two Green Berets and two support personnel killed there last week. Two other support people were injured and recovering in Germany.

    I thought three were killed.
    But, yeah, had no idea that we had troops in Niger.

    OF COURSE… no Congressional Hearings on it…

    Uh huh

  12. 12
    ljdramone says:

    @gene108:

    How come we can’t hack other countries like Russia or North Korea? WTF is the NSA doing with the billions it gets every year?

    Well, I’m sure they’re not spying on you, Citizen, because that would be illegal.

    Whoops, wait a sec…. Never mind.

  13. 13
    Spanky says:

    @raven: Exactly. From the BBC article:

    Mr Rhee belongs to South Korea’s ruling party, and sits on its parliament’s defence committee. He said some 235 gigabytes of military documents had been stolen from the Defence Integrated Data Centre, and that 80% of them have yet to be identified.

    The hack took place in September last year. In May, South Korea said a large amount of data had been stolen and that North Korea may have instigated the cyber attack – but gave no details of what was taken.

    Kinda makes you wonder why it’s suddenly in the news today. (No, I actually have a pretty good idea why.)

    @gene108:

    How come we can’t hack other countries like Russia or North Korea? WTF is the NSA doing with the billions it gets every year?

    Just because you haven’t heard about it doesn’t mean it hasn’t happened. And you won’t hear about it … at least until maybe the next “whistleblower”.

  14. 14
    Corner Stone says:

    I feel like we’re back in Miller’s Crossing. Trump is pissed at John Kelly because he’s been giving him the high hat.

  15. 15
    Corner Stone says:

    @Spanky:

    Kinda makes you wonder why it’s suddenly in the news today. (No, I actually have a pretty good idea why.)

    I’ll bite. Why?

  16. 16
    Corner Stone says:

    Seth takes a closer look at the very real consequences of electing a lazy, ignorant racist as president.
    “An island. Surrounded by water. Big water. Ocean water.”

  17. 17
    Adam L Silverman says:

    @Corner Stone: US military planning, contingency planning, and crisis action planning are conducted for the senior uniformed and civilian leadership. Even the stuff produced at the highest levels is still quite granular and detailed. What is briefed to the President are not these details. Let’s do this as a thought exercise:
    President Snuffy informs the Secretary of State, the Chairman of the Joint Chiefs of Staff, the Secretary of Defense, and his National Security Advisor that the US policy regarding the DPRK’s weapons program is to prevent them from achieving the ability to repeatedly successfully miniaturize a warhead and the ability to mount it to an ICBM and deliver that weapons package against a target. The National Security Advisor, working in conjunction with the appropriate principals in the Interagency, will then pull together a proposal for President Snuffy. This proposal, traditionally no longer than 3-5 pages, has no less than 3 options, with each option delineated in two to four paragraphs. One option is almost always status quo/stay the course. Each option is evaluated according to its feasibility, acceptability, and suitability (the FAS test). Once briefed to and reviewed by President Snuffy, he will, at some point, notify his team which option he has chosen. Once that happens then the appropriate plans are reviewed, updated as necessary, and implemented.

    Back in the real world, based on a couple of news reports from over the summer, it appears that the President only likes to be briefed on one option. This is a radical change from how this business is done. That said, the process works the same way. The President says yes or no or I don’t like any of these. If it is yes or no, then everyone moves out smartly and executes the orders. If it is I don’t like any of these options, then new options are put together through the same process delineated above. While Tillerson is new to this, Mattis and McMaster as two of the three senior principals here are intimately familiar with this process. As is Kelly.

  18. 18
    rikyrah says:

    @SiubhanDuinne:

    One of the things I most detest about the Trumpies is that they can’t do anything — propose legislation, impose new regulations, roll back existing regulations, sign Executive Orders, put out rulings — without taking some kind of gratuitous swipe at the Obama Administration. There always has to be some nasty comment about how horrible it’s been (whatever “it” is) for the past eight years, or how short-sighted and harmful the policies of the previous president were, or how we’re going to correct this awful injustice perpetrated by Obama.

    They are sociopaths.
    THE.ENTIRE.LOT.OF.THEM.

  19. 19
    Adam L Silverman says:

    @raven:

  20. 20
    Mike J says:

    @Bex:

    Just heard about the two Green Berets and two support personnel killed there last week.

    Didn’t hear about it from trump, did ya? Service members killed overseas, not one word from him. Black people upset about government sanctioned race based murder he views as an attack on “the troops”.

  21. 21
    Brachiator says:

    Mr Rhee belongs to South Korea’s ruling party, and sits on its parliament’s defence committee. He said some 235 gigabytes of military documents had been stolen from the Defence Integrated Data Centre, and that 80% of them have yet to be identified.

    On the surface, this appears to be some grade A level hacking.

    Why is it that it appears that we don’t have a good counter-hacking strategy in place? And I say “appears” because I really don’t know what is happening in this area, or why no one is asking questions about it, or why it does not appear to be a priority of this administration, or perhaps even past administrations.

  22. 22
    Adam L Silverman says:

    @SiubhanDuinne: The original reporting was from a South Korean news source. It has been confirmed by a member of the ROK parliament and has also been reported at CNN and several other outlets.

  23. 23
    Adam L Silverman says:

    @Bex: Foreign Internal Defense (FIDS). This is one of the primary missions of Green Berets. Niger is an important partner in trying to interdict violent extremists movement through the Sahel. I’m planning to do a post on this either later today or tomorrow.

  24. 24
    Adam L Silverman says:

    @rikyrah: 4. A fourth Green Beret was captured. This was originally misreported as a member of the Nigerian Special Forces we are partnered with. His body was recovered about 48 hours out.

  25. 25
    Adam L Silverman says:

    @ljdramone: I don’t think that last link is actually an NSA website. The .gov1 is the giveaway.

  26. 26
    Corner Stone says:

    @Adam L Silverman:

    Back in the real world, based on a couple of news reports from over the summer, it appears that the President only likes to be briefed on one option.

    “Which one gets the highest ratings, the very best reviews?”

  27. 27
    Arclite says:

    Why aren’t these kinds of installations air-gapped to prevent hacking?

  28. 28
    Adam L Silverman says:

    @Brachiator: This wasn’t a hack of a US system. It was a hack of a ROK system.

  29. 29
    Adam L Silverman says:

    @Corner Stone: Who knows.

  30. 30
    Adam L Silverman says:

    @Arclite: They’re supposed to be. The problems are often human failures, not tech – hardware and software. And this includes when humans decide to use inappropriate tech solutions to secure these systems. The US is just now formally prohibiting the use of Kaspersky security software on US government systems. That’s a human error in decision making. Which is just as bad as a human failure in securing information.

  31. 31
    Corner Stone says:

    @Adam L Silverman: I understand you are spending your valuable time giving us here perspective and real world introspection. I am not making light of that in any way. But to quote a wise man, “We are through the map and off the looking glass here.”
    There is nothing, *nothing*, about the way these institutions have traditionally performed that is going to hold up under pressure from this specific POTUS.

  32. 32
    Spanky says:

    @Corner Stone: Sends one msg to NK and one to Trump. Tells NK that the hack is known (although that’s probably not news to NK) and that those plans are no longer operational. Reminds Trump that any action towards NK now has a reduced probability of success and please please Mr. Trump don’t get us all incinerated.

  33. 33
    Corner Stone says:

    IOW, the significant available parties are fully aware of what needs to be done. The fact that each day passes without that action leads me to believe that contingency planning and real world briefing don’t matter a hill O beans.

  34. 34
    Adam L Silverman says:

    @Corner Stone: Let me give you a little perspective from experience:

    “The United States Army: 242 years of tradition unimpeded by progress”.

  35. 35
    Corner Stone says:

    @Spanky: NK already knew what they were going to do. Where did we think US personnel was going to land or be routed through in any series of conventional conflict? I played RISK when I was a lad, this shit is easy to figure out.

  36. 36
    Bex says:

    @Adam L Silverman: Thanks. Looking forward to your post.

  37. 37
    Adam L Silverman says:

    @Bex: It is largely going to refocus on the post I did over the summer about readiness and capability. The problem with these missions in Africa is that we have almost no assets in the area of responsibility (AOR). So when something goes wrong, like it did with this operation, there’s no cavalry coming over the hill. Commander US Army Africa is also the theater army commander for the Africa area of responsibility. He has NO theater army! He has a conventional Army brigade combat team allocated to him that gets pulled apart for support missions. So when this Operational Detachment Alpha (ODA) came under fire with their host country partners and called for relief, there weren’t any Apaches or Kiowas that could be put in the air for close air support. Nor were there any Blackhawks anywhere near the fight that could be brought in for casualty evacuation (CASEVAC). Instead the ODA had to wait for other Green Berets to mobilize, mount up in their vehicles, and drive to the fight to provide relief.

    This is a readiness and capabilities breakdown. Outside of Iraq/Syria, Afghanistan, and the ROK and Japan in the Asia-Pacific, we do not have the assets we need in the places we need them to support the missions that our special operating and/or conventional forces are tasked with if something goes wrong. What happened in Niger is no different than what happened in Benghazi, with the one exception that we had other Green Berets, host country partners from Niger, and were able to pull support from allied French Special Forces in the region to respond. But these three sets of assets were all in the vicinity. They could respond, even if the timing was not optimum for the distances needed to be crossed and the support that was needed to relieve the threat on the Green Berets in contact with the enemy. As I wrote over the summer eventually something has to give. Either we have to seriously reconsider what it means to have an expeditionary military and to task them to do everything from digging wells to teaching host country engineers to build structures to conventional and unconventional warfare or we have to seriously reconsider how we’re organized and what is funded.

  38. 38
    Cheryl Rofer says:

    To the questions of why the US is not (seems not to be) doing similar hacking:

    This is one of the differences between physical war and what is called cyberwar (although I don’t like that last term). If you have a physical battle, it’s impossible to hide that fact. But in the cyber domain, the public usually doesn’t see what is going on. There is one more variable to decide about: whether to announce you have done a hack or have been hacked. A lot goes into those decisions, particularly in the first category. It may be best to leave the other party guessing about who did the hack; that way they have to guard against multiple possibilities. Announcing a hack may give the other party information about how you did the hack. And so on. The second category is somewhat more likely to lead to a public announcement, which amounts to “We know you did it, so we know more about you than you may realize.”

    The strategy of this is interesting and not fully worked out yet.

    You can bet that the United States is trying, sometimes successfully, to hack North Korea, Russia, you can probably name a few more. But the nature of those regimes is more secretive than ours, so they are less likely to say something about it. Also, we have the balance of power, so they are less likely to want to rile us up. And we’re unlikely to say anything unless we get something really damning.

  39. 39
    Corner Stone says:

    I, for one, can not WAIT until Trump declares the US is backing out of the Iran deal.

  40. 40
    Stan says:

    @gene108:

    How come we can’t hack other countries like Russia or North Korea? WTF is the NSA doing with the billions it gets every year?

    Two things: One – what makes you think we haven’t? To the extent our military and the NSA have any brains at all, they aren’t telling folks like you and me what their capabilities are.

    Two – their command and control is so much more rigid than ours, and their scope for initiative so much smaller, that we will probably *always* have info and command advantages even if we’re hacked.

  41. 41
    Jeffro says:

    I can’t focus on anything other than the upcoming IQ death match between Tillerson and Trumpov, so I’ll have to bookmark this post for later. Will it be a Jeopardy-style quiz show, or should they both take the SAT, or perhaps we could just have them both sing the alphabet song and see who makes it the whole way through? ‘Cause it won’t be both of them, BELIEVE ME…

  42. 42
    Stan says:

    @Adam L Silverman:

    Mattis and McMaster as two of the three senior principles here

    “Principals”….I worry about what’s left of their principles. I used to really admire McMaster.

  43. 43
    Jeffro says:

    @Cheryl Rofer: North Korea does have a bit of an advantage – we could hack them and turn off their power grid, but that’s like six lamps and a streetlight in the center of downtown Pyongyang. No big win there.

    However, if they turn ours off, 30 million Madden 2017 and Assassin’s Creed fanboys would hit the streets and riot, to say nothing of all the American Lite Beer Soda that would warm up and spoil without refrigeration. Over a barrel, we are…

  44. 44
    Adam L Silverman says:

    @Stan: Fixed.

  45. 45
    Miss Bianca says:

    @Adam L Silverman:

    What happened in Niger is no different than what happened in Benghazi, with the one exception that we had other Green Berets, host country partners from Niger, and were able to pull support from allied French Special Forces in the region to respond.

    No, Adam, there is another difference – there will be no, count ’em, NO Congressional investigations – let alone dozens – into why Secretary of State/Exxon Tillerson – and by implication, President Trump – are completely and uniquely to blame for What Happened in Niger.

  46. 46
    Adam L Silverman says:

    @Miss Bianca: That isn’t a difference of what happened on the Niger/Mali border. It is a difference in how the US political and news media establishments will respond to it.

  47. 47
    Miss Bianca says:

    @Adam L Silverman: Oh, okay, if you’re going to get all *technical* on my ass… //

    More seriously, I guess my point, besides cheap jibes, would be that there will BE no political fallout for serious military preparedness problems. Or soul/procedure/strategy/tactics searching. Not for this klown krewe. Related to this other point of yours:

    Either we have to seriously reconsider what it means to have an expeditionary military and to task them to do everything from digging wells to teaching host country engineers to build structures to conventional and unconventional warfare or we have to seriously reconsider how we’re organized and what is funded.

  48. 48
    gene108 says:

    @Bex:

    OT, but what is the U.S. military doing in Niger?

    I believe helping to go after Boko Haram and other African terrorist groups.

  49. 49
    rikyrah says:

    @gene108:

    I believe helping to go after Boko Haram and other African terrorist groups.

    I thought Boko Haram was Nigeria?

  50. 50
    Chris says:

    @Adam L Silverman:

    Either we have to seriously reconsider what it means to have an expeditionary military and to task them to do everything from digging wells to teaching host country engineers to build structures to conventional and unconventional warfare or we have to seriously reconsider how we’re organized and what is funded.

    I read the same thing years and years ago when General Zinni, the former CENTCOM guy, wrote his autobiography. That the military kept getting stuck with things that seriously should not be its purview (“operations other than war”) and that it was time to give civilian agencies the resources they needed to do the job. Or rethink for realz what the military’s mission was.

    So the good news is, apparently there are people even in the highest latitudes who realize this too! The bad news is, I can’t imagine anything like that happening any time soon.

  51. 51
    Miss Bianca says:

    @rikyrah: Niger, Nigeria…Nambia, Namibia…who can keep ’em all straight?//

  52. 52
    Brachiator says:

    @Adam L Silverman:

    This wasn’t a hack of a US system. It was a hack of a ROK system.

    An ally who we are treaty bound to defend. Wouldn’t we have some input into the security of systems that might involve US operations?

  53. 53
    Cermet says:

    Last I checked, you stupid fucks in the ROK, that is what the enemy is supposed to do! That is their job just as preventing this colossal breach is or was your fucking job you stupid group of utter ass wipes. If war does break out, this might kill large numbers of amerikan soldiers and many Koreans. Beyond the pale.

  54. 54
    Adam L Silverman says:

    @rikyrah: Boko Haram is transnational in the Chad basin and through the Sahel. Because Boko Haram is Fulani and the Fulani are transnational in the region. The only Fulani who don’t hold the extremist views of Islam are the Fulani of Mali. Initially they thought this was al Qaeda in the Maghreb, or a Malian branch, they now think it is an ISIS aligned local group.

  55. 55
    Adam L Silverman says:

    We’ve replaced @Cermet’s coffee with decaf. Let’s see if anyone notices…

  56. 56
    Adam L Silverman says:

    @Brachiator: I do not know.

  57. 57
    Bill Arnold says:

    @SiubhanDuinne:

    I heard that hacking story through my fog of sleep at 5:00 this morning (my NPR station airs BBC at that hour) but went back to sleep and forgot about it. Is anyone apart from the Beeb reporting this?

    yes, bunches, search news.google.com
    e.g. (foxnews.com)

  58. 58
    Bill Arnold says:

    Another ref to Rhee Cheol-hee, who from this at least cannot be cast as a wide-eyed peace-nic
    http://english.chosun.com/site.....00736.html

    In closing comments he added, “We need to consider” the re-deployment of U.S. tactical nukes “from the perspective of changing the entire game plan in dealing with the North Korean nuclear threat. I have realized that we could make strong demands to the U.S.”

    Here’s another report that might be independent of the bbc report:
    http://english.chosun.com/site.....01247.html

  59. 59
    J R in WV says:

    @Adam L Silverman:

    Pretty good jibe!! HaHa… I drink hi-test in the am, never have tasted decaf. I prefer tea, Darjeeling or Oolong, but hard to get it made right out in the world, so I’ve tried to develop a taste for good coffee. Kona for preference.
