South Korea's strange cyberwar admission

By Joe Boyle
BBC News

  • Published
A sign at Cyber Terror Response Center of National Police Agency in Seoul, South Korea, file imageImage source, AFP
Image caption,
South Korea has already built a formidable anti-cyberwar infrastructure

We usually think of cyberwar as a secretive world, dominated by spooks and shadowy government agencies. So why did South Korea recently admit that it is developing a cyberweapon to cripple the North's nuclear capabilities?

Almost every nation with enough cash is funding its own cyberwar programme. But few nations have made the the details public, and fewer still have openly identified their intended target.

South Korea defence chiefs broke those unspoken rules on 19 February by outlining their aim to develop a cyber-tool aimed specifically at knocking out North Korea's nuclear capabilities, according to Yonhap news agency.

Their blueprint appears to be a 2010 cyber-attack on Iran, which used software known as Stuxnet to damage nuclear facilities. Although the US and Israel are often accused of launching the attack, neither nation admitted involvement.

There are very good legal and political reasons for keeping such activity under wraps. Not least because a cyber-attack could lead to a counter-attack with conventional weapons. In South Korea's case, the North could theoretically now build a legal case for launching missiles over the border.

Eric Jensen, a professor at BYU Law School in the US, says that assuming last month's announcement was an official statement of South Korea's intentions, the North could mount a legal argument based on anticipatory self-defence - the same rationale that the US has used to justify its so-called war on terror.

"Anything that was playing a significant role in preparing or launching a potential cyber-attack would become a target," he says.

The North has utilised anticipatory self-defence arguments before, particularly to argue that the US would be a legitimate target for a pre-emptive nuclear strike. After all, if the US could attack another country simply because it felt under threat, then there was no logical reason why North Korea did not have the same right.

It seems unusual, then, for the South to have made such an announcement. Perhaps they wanted to send a message to the North. It must be remembered that over the years the North has regularly threatened to destroy the South, using bloodcurdling language.

Image source, Reuters
Image caption,
The North-South border is famously tense

Caroline Baylon from Chatham House think-tank believes the South was thinking of deterrence, particularly since the North is believed to have launched a series of debilitating cyber-attacks on its neighbour during 2009 and 2013.

"South Korea is an extremely wired country, so has a lot to attack. Unfortunately for the South Koreans, North Korea has extremely limited internet connectivity and hence is a target-poor country," she says.

"Hence, the only option is [conventional] war - or convincing the North Koreans that they can attack them in cyberspace as well."

But it is a dangerous game. Russell Buchan, a law lecturer at Sheffield University, has suggested that the South's threat to use Stuxnet-type software may itself have broken international law's prohibition on using or threatening to use force against another state, as outlined in Article 2 of the UN Charter.

"If you think, as I do, that Stuxnet represented an unlawful use of force, then the threat to use a similar weapon is also unlawful. So South Korea is on very shaky ground," he says.

There is also always the danger that the North simple ignores the niceties of international law. Sean Watts, a law professor at Creighton University in the US, points out that the South should have considered the possibility of a violent reaction from the North before publicising its intentions.

"While my sense is that some international lawyers would regard an operation against [North Korea's nuclear] facilities as lawful given the direct and serious threats the North Korean government makes against the South, the feasibility and likelihood of a wildly disproportionate reaction from the North seems likely enough to give the South serious pause," he says.

Image source, AP
Image caption,
South Korea is one of the world's most wired societies, and has a great deal to lose from cyber-attacks

And there is an added legal headache for South Korea. As the two nations never signed a peace treaty at the end of the 1950-1953 war, they are often said to be "technically at war" with each other. Although this designation has no legal force, it is often used as an excuse by the North to launch attacks.

Under the law of armed conflict, the North would be legally allowed to attack "military objects" within South Korea. Those objects are usually regarded as military installations, soldiers, and infrastructure directly involved in the war effort, such as arms factories.

In a cyberwar, it is unclear who the defending nation could legitimately target. The people pushing the metaphorical button to launch the virus? The software developers working for private companies helping to develop the virus? The communications networks used to transmit information about the virus?

These scenarios might sound far-fetched, but they are being played out by strategists across the world, and studied in a growing body of legal scholarship. If there is any place on Earth where escalation is possible, it is the Korean peninsula. South Korea's Western allies will no doubt be hoping for fewer statements of this kind from the top-brass in Seoul.