China May Be Behind North Korean Missile Failures

At first glance, this may seem to be a counter-intuitive viewpoint. After all, China is one of North Korea’s only two friends in the world. The other, Iran, is too geographically separated to give more than psychological support. But things have changed. Last year China agreed to strong U.N. sanctions against North Korea after North Korea conducted its fourth nuclear test. At that time, it was thought that the Chinese were worried that its own economy may be targeted with sanctions by the U.S. if it continued in its reticence to put pressure on North Korea. China also agreed to the sanctions under the condition that the U.S. not install missile defense systems in South Korea.

 Experts agree that China did not seriously enforce these sanctions. China needs North Korea and North Korea knows it. In fact, North Korea feels that China needs them more than they need China. Why else would Kim Jong-un assassinate the main contact between North Korea and China, his uncle, Jang Song-thaek? It was a message not lost on the Chinese leadership.

 North Korea knows that China needs them to serve as a buffer between it and South Korea and, by extension, the U.S. China also doesn’t want a North Korean collapse because of the economic strain Korean refugees would place on their economy. If China could choose its dream scenario, it would be for some sort of regime change to one that would be far less confrontational.

The U.S. has ramped up pressure on China to control North Korea and has gone so far as to install a THAAD missile defense system in South Korea, knowing all along that this would irk China and, perhaps, motivate them to do more to control Pyongyang. Interestingly, this occurred just before The Chinese president was due to meet with President Trump.  We do not know what was agreed upon in the meeting President Trump had with Chinese president Xi, but, from all indications, something positive seemed to come of it as Trump has repeatedly claimed he was happy with the meeting. China has apparently agreed to ramp up economic pressure on North Korea, probably with the promise of not being designated as a currency manipulator. According to some sources, Trump may have threatened China with sanctions on both its banking sector and companies supporting North Korea’s missile and nuclear technology.

 It has been known for some time that China has shipped missile technology to North Korea in violation of sanctions. Some of this technology originated in Europe but was sold on to North Korea through Chinese companies which were often fronts for North Korean owners. A U.N. security council report from February, 2017, details the degree to which Chinese companies are complicit in violating sanctions. It’s an impressive list. Last year, the Security Council imposed sanctions on the North Korea-Ryonha Machinery Joint Venture Corporation, based in China, which produces parts used in the North Korea’s missiles and uranium enrichment centrifuges.

 Also last year, while the North Korean government was celebrating the launch of its Kwangmyongsong-4 satellite, South Korea was celebrating the collection of parts from the rocket that launched it. The U.N. report, mentioned above, said the find demonstrated “the continuing critical importance of high-end, foreign-sourced components” in North Korean missile construction. Though the missile itself was found to have been built in North Korea, many of its components were from a variety of countries around the world.

 One of North Korea’s greatest acquisitions in this regard was that of Computer Numerical Control (CNC) machinery which could be used in the construction of both missile and nuclear components. These computer controlled machines are used for the high precision work so necessary in this field.

 cnc

 According to the U.N. report, Kim got these machines from China.

 “The Panel noted that a Chinese company had exported several computer numerically controlled machine tools to the country, and investigated the possible involvement of Ryonha Machinery Corporation. According to the company’s website, a Democratic People’s Republic of Korea company ordered computer numerically controlled machines and visited its workshop to inspect computer numerically controlled machine tools before purchasing them.”

 So excited was Kim to get these machines that he had a song composed to glorify them. If you didn’t think North Korea was strange before, what can you say about a regime that has songs written to glorify a machine? For your listening pleasure, here is that song.

 

 

As far as I know, it received no Grammy nominations. But if they ever have a category of ‘Best Song about a Machine’…

The media is currently filled with stories about the U.S. being behind North Korea’s rather high rate of missile failures (52% in 2016). They point to the possibility of a Stuxnet-like attack or an attack that corrupts technical components via the supply chain. The problem of a Stuxnet attack is that it would require the use of an insider, and not just one insider, but insiders at every missile launch site. The problem with infecting the supply chain is the lack of technical components that originate in the U.S. This would mean that other countries and companies would either have to agree to letting the U.S. mess with its products or the U.S. would have to ‘arrange’ for sensitive components to be ‘stolen’ or shipped to cooperating middlemen countries and then marketed to North Korea. Both vectors are problematic.

 The following chart shows the specifics on North Korean’s missile launches for last year.

nkorea missles

Note that failures occurred at five separate sites. Except for Kusong, all of the sites also had successful launches. In addition, failures occurred in a variety of ways. If something cyber was behind the failures, it was doing a hit or miss job.

 China is not upset by the number of failures, but they are upset about North Korea destabilizing the region in its pursuit of deployable nuclear weapons. They would, in fact, be happy to see North Korea’s missile program fail. To that end, China is in the unique position to contribute to this failure. If China was selling CNC technology to North Korea with its accompanying software, they could also throw in some malware that could mess with these machines. They could design them to malfunction and damage the product. Since such components must be designed within extremely precise parameters, it would be no problem, with effective malware,  to alter these parameters just enough to make the final product undependable under real world conditions. What’s more, the malware could mask these changes in the parameters to make it appear to the human controllers monitoring these machines that nothing at all was wrong. The problem would be in the unpredictability of the outcome. That is, the parts may be made outside of specification guidelines but may or may not malfunction, and, if they did, the type of malfunction may not be predictable.

 It is well known that the Chinese government can force any company to build backdoors into its products. But doing so with companies which serve as fronts for North Korean owners or who even deal with North Korea is not so easy. In such a case, the North Koreans would know that this was happening and would be able to neutralize the attempt. It would be far better to insert malware after the product left the factory, either through supply chain intervention or remotely, after the device had been installed in North Korea. As far as the remote insertion of malware is concerned, it should be noted that all internet traffic going to North Korea goes through China.

 The problem with most malware is that it will eventually be discovered and this would certainly not improve relations between China and North Korea. There is, however, a type of malware that can remain hidden, survive updates, and can persist even if the hard drive is reformatted. This is a rare type of malware that can flash or rewrite the firmware. Think of firmware as a program on a chip that tells the hard drive it’s a hard drive. Otherwise, how would it know how to act when someone tries to install an operating system? The problem is that almost no one has the capability to do such a hack. Kaspersky has, however, found one group capable of this so-called god-like power. This group has found a way to rewrite the firmware to make it deliver malware to the computer/device it operates. Kaspersky has termed this malware, “indestructible”. As Kaspersky notes, “this is very high profile engineering which requires months of development and millions in investment.” And what is the group that has such power? Kaspersky has identified it as the Equation Group. It is, apparently, a group that works with the United States National Security Agency or NSA.

 I doubt whether the Chinese have developed such sophisticated malware. If they had, they most likely would have used it, instead of traditional malware, in their attempts to subvert the THAAD missile defense system in South Korea.  But would they agree to work with U.S. intelligence on a cyberattack that would attain the mutual goal of undermining North Korea’s missile program? It’s not that far-fetched of an idea and one that would certainly be more effective than many of the so-called ‘left-of-launch’ techniques currently being discussed. Since all internet traffic is routed through China, remotely triggering a firmware overwrite is not out of the question. To be frank, if the U.S. and China haven’t considered this option, they should.

 Of course, such an agreement would have to be kept under wraps with the appropriate diversionary tactics: China will bristle at any semblance of U.S. aggression in an attempt to appear friendly towards North Korea. After all, they can’t tip their hand and have the already paranoid Kim looking at them with suspicion. North Korea has already castigated China on its improving relations with the U.S. Hu Xingdou, a political analyst at Beijing Institute of Technology, claimed that “there are already cracks” in the relationship but it was better for both parties “to maintain peace on the surface.”

 It’s really a win-win situation for both the U.S. and China. China gets stability in Asia, better trade deals, and not being condemned for hurting the North Korean people which is what is more likely to happen if they stop buying North Korean coal. The U.S. gets a neutralized North Korea. The only person to be hurt by such an arrangement is…

 crying kim

  

 

 

 

About Steve Mierzejewski

Marketing consultant for InZero Systems, developer of the next generation in hardware-separated security, WorkPlay Technology. I've worked in Poland, Japan, Korea, China, and Afghanistan. I'm a writer, technical editor, and an educator. I also do some work as a test developer for Michigan State University.
This entry was posted in Uncategorized and tagged , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s