The Duck of Minerva

Cyber Developments: National Security Edition

21 April 2009

The Wall Street Journal reported today that hackers have breached classified data on the United States’ Joint Strike Fighter (JSF) program (the F-35). (For those without a subscription, here is the Reuters story). The scale and nature of information the hackers were able to obtain appears quite significant–however, the most sensitive data did not reside on servers connected to the web, which is good news.

The default suspect is, of course, China (why you say? see here). However, given the value of the data for both potential adversaries and, frankly, countries that are not in some way privey to this program (for an overview of international participants and potential buyers, see here), there should be no shortgage of potential suspects. I’d like to float a specific one: North Korea

North Korea has both the motive and, potentially, the means for carrying out such an attack.


The DPRK has both a security and financial motive for stealing information regarding the JSF program. Security wise, the US is an obvious adversary. It isn’t beyond reason that the JSF could, at some point, be used against them in some sort of defensive or preventive strike. Devising ways to counter the advanced aircraft would certainly be useful. Financially speaking, it is no secret that the DPRK is a major arms trader and has no qualms about doing business with regmies that are hostile to the United States and its allies. One can imagine a healthy market for such intelligence.
It’s all well and good to have motive, but could the DPRK actually pull it off? Possibly. The North Koreans have already launched cyber attacks against South Korea and, interestingly enough, hacked into the US Department of Defense. While information on the regime is always foggy, it appears that this is an area of relative strength for the North and one where they are investing for the future (for a summary of capabilities, see here).

Admittedly, this is all conjecture on my part. Regardless of the identity of the perpetrator, this event does raise some interesting questions about Cyber security and assymetric warfare.