South Korea's strange cyberwar admission

A sign at Cyber Terror Response Center of National Police Agency in Seoul, South Korea, file image South Korea has already built a formidable anti-cyberwar infrastructure

Related Stories

We usually think of cyberwar as a secretive world, dominated by spooks and shadowy government agencies. So why did South Korea recently admit that it is developing a cyberweapon to cripple the North's nuclear capabilities?

Almost every nation with enough cash is funding its own cyberwar programme. But few nations have made the the details public, and fewer still have openly identified their intended target.

South Korea defence chiefs broke those unspoken rules on 19 February by outlining their aim to develop a cyber-tool aimed specifically at knocking out North Korea's nuclear capabilities, according to Yonhap news agency.

Their blueprint appears to be a 2010 cyber-attack on Iran, which used software known as Stuxnet to damage nuclear facilities. Although the US and Israel are often accused of launching the attack, neither nation admitted involvement.

Cyberwar and the law

  • Cyberweapons such as viruses and worms can cause real-world damage by disrupting electricity grids, hospital systems or nuclear plants
  • Any software used in a cyber-attack should conform to legal standards that have banned weapons such as landmines
  • The state deploying the weapon must ensure that it can be controlled effectively to minimise civilian casualties

Source: Dr Russell Buchan

There are very good legal and political reasons for keeping such activity under wraps. Not least because a cyber-attack could lead to a counter-attack with conventional weapons. In South Korea's case, the North could theoretically now build a legal case for launching missiles over the border.

Eric Jensen, a professor at BYU Law School in the US, says that assuming last month's announcement was an official statement of South Korea's intentions, the North could mount a legal argument based on anticipatory self-defence - the same rationale that the US has used to justify its so-called war on terror.

"Anything that was playing a significant role in preparing or launching a potential cyber-attack would become a target," he says.

The North has utilised anticipatory self-defence arguments before, particularly to argue that the US would be a legitimate target for a pre-emptive nuclear strike. After all, if the US could attack another country simply because it felt under threat, then there was no logical reason why North Korea did not have the same right.

It seems unusual, then, for the South to have made such an announcement. Perhaps they wanted to send a message to the North. It must be remembered that over the years the North has regularly threatened to destroy the South, using bloodcurdling language.

A North Korean soldier with a pair of the binoculars stands guard at the truce village of Panmunjom in the demilitarised zone separating the two Koreas, February 6, 2014 The North-South border is famously tense

Caroline Baylon from Chatham House think-tank believes the South was thinking of deterrence, particularly since the North is believed to have launched a series of debilitating cyber-attacks on its neighbour during 2009 and 2013.

"South Korea is an extremely wired country, so has a lot to attack. Unfortunately for the South Koreans, North Korea has extremely limited internet connectivity and hence is a target-poor country," she says.

Stuxnet

  • The Stuxnet worm used Microsoft Windows to attack industrial control systems
  • Can be spread by USB stick, so no internet connection is needed
  • Believed to have disrupted or damaged a large part of Iran's nuclear infrastructure in 2010 attack
  • Experts have consistently linked it to US and Israel government agencies

"Hence, the only option is [conventional] war - or convincing the North Koreans that they can attack them in cyberspace as well."

But it is a dangerous game. Russell Buchan, a law lecturer at Sheffield University, has suggested that the South's threat to use Stuxnet-type software may itself have broken international law's prohibition on using or threatening to use force against another state, as outlined in Article 2 of the UN Charter.

"If you think, as I do, that Stuxnet represented an unlawful use of force, then the threat to use a similar weapon is also unlawful. So South Korea is on very shaky ground," he says.

There is also always the danger that the North simple ignores the niceties of international law. Sean Watts, a law professor at Creighton University in the US, points out that the South should have considered the possibility of a violent reaction from the North before publicising its intentions.

"While my sense is that some international lawyers would regard an operation against [North Korea's nuclear] facilities as lawful given the direct and serious threats the North Korean government makes against the South, the feasibility and likelihood of a wildly disproportionate reaction from the North seems likely enough to give the South serious pause," he says.

A currency trader watches the computer monitors at the foreign exchange dealing room of the Korea Exchange Bank headquarters in Seoul,  Friday, June 21, 2013 South Korea is one of the world's most wired societies, and has a great deal to lose from cyber-attacks

And there is an added legal headache for South Korea. As the two nations never signed a peace treaty at the end of the 1950-1953 war, they are often said to be "technically at war" with each other. Although this designation has no legal force, it is often used as an excuse by the North to launch attacks.

Under the law of armed conflict, the North would be legally allowed to attack "military objects" within South Korea. Those objects are usually regarded as military installations, soldiers, and infrastructure directly involved in the war effort, such as arms factories.

In a cyberwar, it is unclear who the defending nation could legitimately target. The people pushing the metaphorical button to launch the virus? The software developers working for private companies helping to develop the virus? The communications networks used to transmit information about the virus?

These scenarios might sound far-fetched, but they are being played out by strategists across the world, and studied in a growing body of legal scholarship. If there is any place on Earth where escalation is possible, it is the Korean peninsula. South Korea's Western allies will no doubt be hoping for fewer statements of this kind from the top-brass in Seoul.

More on This Story

Related Stories

More Asia stories

RSS

Features

BBC © 2014 The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.