Starting in the Obama administration, the United States began studying ways to covertly use offensive cyber capabilities to disable North Korea’s missiles before they could launch. These efforts have intensified under the Trump administration, which has loosened Obama-era guidance on the conditions under which the United States could use cyberweapons.
In fact, earlier this year, a leaked document showed – without naming North Korea specifically – the development of a policy within the Pentagon to pursue “pre-conflict left of launch operations” against missiles. The Pentagon’s policy effort clarified that these kinds of capabilities would be used against an “imminent missile attack”.
Of course, the United States should, and has a public obligation to, defend its citizens from an imminent missile attack, but these kinds of left-of-launch efforts can be destabilising, particularly for the kinds of doubts they will instil in North Korea, which is today a new nuclear power with an acute sense of vulnerability.
Despite the euphemism “left of launch”, what U.S. planners really mean is old-fashioned counterforce against North Korea, whereby its nuclear capabilities are destroyed, leaving it unable to strike the United States. Where more rudimentary conventional and nuclear means of kinetic counterforce would have been obvious in execution, furtive and covert cyber means leave North Korea guessing.
The U.S. likely isn’t using cyber means to disable individual North Korean missiles as they plan to launch today, but could interfere with anything from a missile’s guidance to North Korea’s manufacturing supply chain. There’s no way for North Korean leader Kim Jong-un to know for sure.
All of this gives Kim reason for concern and amplifies the nuclear dangers on the Korean peninsula. North Korea’s relatively lean nuclear force is built around an aggressive and offensive strategy that counts on it going first in a war; U.S. efforts to disable its weapons without a shot being fired will cause Kim to double down on ensuring that his missiles can be used when needed.
Under these conditions, for instance, we could expect North Korea to take dangerous steps with its nuclear command and control, making the accidental or unauthorised use of its nuclear weapons more likely. The most obvious solution to the problem posed by U.S. cyber left-of-launch efforts would be for Kim to devolve authority to field officers, allowing them to use nuclear weapons without his direct approval in a crisis.
Devolved launch authority would be disastrous and immensely raise the risk of a nuclear event. For instance, a North Korean officer bestowed with launch authority may find himself unable to reach Kim or senior North Korean leadership for innocent reasons such as an ordinary communications outage. What’s to say he won’t take that as a sign that the United States has already conducted an attack on the leadership and use his weapons?
To the best of our knowledge, this is not the case today in North Korea. Per its 2013 codification of its nuclear status, North Korea has made explicit that Kim – and only Kim – can authorise the use of nuclear weapons. It would be in the United States’ best interests to ensure that this remains the case.
Moreover, the increasingly public disclosure of U.S. interest in these kinds of capabilities will motivate others, including North Korea, a capable cyber actor in its own right, to pursue similar attempts to interfere in the command-and-control capabilities of its adversaries. The Trump administration’s nuclear posture review has already indicated concerns about these kinds of “significant non-nuclear strategic attacks”.
North Korea’s limited nuclear force and the United States’ overwhelming conventional superiority has already given Kim every reason to have an itchy trigger finger. To manage and reduce nuclear dangers on the Korean peninsula, the United States should clarify that it does not intend to use offensive cyber capabilities to sever Kim from his ability to use his nuclear weapons in a crisis.
None of this neuters the United States’ ability to manage and deter a nuclear North Korea. The U.S. and South Korea continue to maintain conventional superiority, and the alliance’s assurances to Kim that any use of his nuclear weapons would mean the end of his regime remains credible.
If the United States does persist in these efforts to develop offensive cyber capabilities directed at North Korea’s nuclear weapons, it would be wise to publicly disclose and declare the conditions under which these capabilities might be used. This need not reveal methods, but would reduce the uncertainties that amplify Kim’s incentives to devolve nuclear use authority.
The continuing diplomacy on the Korean peninsula may not give way soon to a transformed US-North Korea relationship. As long as the two countries remain nuclear adversaries, the United States should ensure that it doesn’t take steps to engender instability.
This article first appeared at the South China Morning Post. It is republished here with kind permission.