N.Korea missile hacked. Why would they need to be on a network to test a missile?

I don’t know enough to phrase this question correctly. But how can you remotely “hack” something that’s not on a network?

Perhaps the North Koreans were. But if so, why? Plenty of missiles were successfully tested in the late 50’s and 60’s without the internet.

I saw a few reports that the missile was hacked, but it has not been confirmed. The information could be wrong.

The North Koreans would want to get information from the missile in progress (fuel readings, navigation readings, other system status updates, etc). Unfortunately that leaves it full of vulnerabilities.

Whether the allegations are true or not, I suspect North Korea will “air gap” any future missile designs.

They don’t need to be on a network, but it’s much easier to program the missile guidance software, for example, if you can just look up working code snippets on stackoverflow. I know that in the 50s and 60s they didn’t have such advantages - but they also had massive teams and access to people who had literally been part of hand building digital computers. North Korea doesn’t have that kind of technical infrastructure and I bet their missile workers have extremely limited resources and equipment.

Suppose we sold them a sabotaged defective part through a bunch of intermediaries so they didn’t know it came from us.

Suppose we posted some technical disinformation that they believed was good and they designed or built or programmed something based on that.

Suppose their missile has some features that are controlled by radio from the ground. Suppose we jammed or overrode their commands.

Suppose, like Stuxnet, that we somehow infiltrated software tweaks into the machines that concocted the rocket fuel. So the actual chemistry wasn’t what they intended it to be, nor what they thought it was.

There are lots of ways to sabotage that are not plain old internet “hacking” = malware on browsers. “Hacking” is just the cool new word for sabotage.

Or, more likely, they just built a crappy rocket because building good rockets is very, very hard. Meanwhile we’re sowing FUD in the political and the technical hierarchy by unofficially claiming that we sabotaged it while officially denying the same. In a closed society that runs on paranoia anyhow, convincing the leadership they should have even less trust in their people and processes can be especially corrosive.

How much of the N. Korean missile program is supplied by China? Does N. Korea build their own chips? I know if I were China, and there was a way to do it, I would have an off switch in there. North Korean leadership is just too crazy.

You never know, China may have blown it up.

This is plausible. I don’t know it’s likely, but it could have been done - DPRK is an unstable regime, and I don’t think China would want long-range delivery systems on their own doorstep - It’s too dangerous for them, should DPRK decide to take offense to something China did.

The DPRK have no known chip fabrication facilities, so any microprocessors they have MUST have come from the outside, most likely from China or Malaysia - or maybe Japan or ROK. That’s a potential opportunity for someone to monkey with the chips in some fashion.

I agree with this. I’m clueless about how missiles are built, but I was also thinking something along the lines of Stuxnet might have been used. IIRC, the devices compromised by Stuxnet were also airgapped. Presumably in that case, infected removable media was attached to a PLC at some point, either unwittingly or by an agent inside the operation. I suppose something similar might have been done to render the NK missile inoperable.

Or, as LSLGuy notes, the missile just failed because the North Koreans are not exactly rocket scientists.

ETA: Anybody know about what percentage of early US ICBM tests failed? It would be interesting to see if NK’s success rate is really that bad, or fairly reasonable for a country building a nuke program from scratch.

Good point.

Sounds less sinister/not nice.

The stux virus that brought down the Iranian centrifuges got onto their closed network through an infected USB drive. No one knows exactly how, but it could well have been an Israeli undercover agent, or just that the US / Israel paid extremely large sums of money to bribe a worker inside the program to get it onto their network. South Korea must have some undercover agents in the north, or “turned” assets there. Note you don’t need to use a USB, if you can get physically close to a network cable that’s on the closed secure network you can inject things onto the network and sniff what’s going through using blackbox devices. A low level soldier working as a guard would potentially have the necessary access to do this.

Anyway, whether or not it was hacked, it’s good psyops for SK and the US to leak rumors that it was. Means they have to do a witch hunt and purge of their program, delaying things and potentially ending up with some essential scientists or engineers getting caught up in the witch hunt, delaying even more.

The Best Koreans may not be rocket scientists, but it IS hard to build rockets. The US imported a Nazi to get things going. At this point we have the infrastructure and experience to build more and better missiles, but there are still things hard for the US to do–like shoot down other missiles. If you want a litany of failed missile tests, look at the history of antimissile defenses in tests and in real life.

Maybe the US is messing with their program, and I hope we are, but the tech is not easy.

There will be all sorts of possibilities for the failure. Simple bad luck is going to be number one. NK does not have a huge amount of experience in this game, and given the state of the country and its economy they are doing this on the ragged edge of viability. So you can expect that they cut corners that they don’t even know are being cut.

Another common problem is overreaching ambition of the political masters. It was clear the missile was to be launched on a specifically anointed day, and there would have been no chance to delay the launch for any number of operational reasons. Ready or not it was going to be flown. And we don’t know what the intended range was going to be. But one might guess that if they at all thought that there was a chance they could demonstrate a missile with a hitherto unbeaten range, something to stir up the US and Japan, they would have been very keen to do so. So a politically motivated desire to fly probably unready new technology. None of this is likely to result in success.

And something which is not limited to new systems or the North Koreans.
UK Trident Missile Test Fails.

You don’t even have to do all that. Just find where some programmers hang out and leave a bunch of infected flash drives lying around, preferably still in their original packaging. They’ll get snatched up and eventually used at work.

I thought the engineer meets a girl at a bar, and either there or at her apartment she gives him some naughty pictures of her on a USB drive.

Not bad.

Half a box of brand new USB sticks sitting next to a dumpster at the end of a conference is a good one. Always make them think taking them was their idea.

What you can put in a USB stick is mind blowing. Forget just malware on the file system. You have a fully functioning computer on there. Mostly it just mimics being a USB flash drive. But when it sees its chance it infects the hard drive’s internal controller or the Ethernet controller with the next level of malware. Best of luck finding that.

Air gapping is no defense against a determined nation state.

Some people don’t realize what we already know to be true:

  1. as stated above - you can leave USB thumb drives around…

Stuxnet was originally introduced by getting contractors that worked at Natanz infected - and they accidentally infected the computers inside by USB

  2. break into hotel rooms…

The Israelis took care of this part in Stuxnet - and based on the fact we know Mossad has teams that break into hotel rooms to kill people - it’s not hard to figure out one way

  3. US has entire collocated facilities designed to intercept UPS/Shipping packages and implement whatever back doors they need to

The US went through great effort in reconstructing the situation at Natanz - they took AQ Khan’s centrifuges seized from (Iraq I think) - and got them up and running both at Fort Meade and a nuclear lab in California to design the attack.

It’s not hard to imagine the US would allow prohibited parts from some company we have caught violating the sanctions after we designed a back door.

  4. as mentioned above - we have implemented stuff like fake blueprints - which delayed stuff in (Iran? If memory serves, until a former Russian scientist caught it)

  5. leaked TAO catalog…

Showed lots of devices designed to bridge air gap - such as USB cords, hidden radio mesh networks imbedded in whatever, and so on

Just watched “Zero Days” - which is free if you have Showtime - highly recommend - documentary on Stuxnet.

The chilling part wasn’t Stuxnet, it was that Stuxnet was a small part of an overall project that was called “Nitro Zeus” that supposedly cost hundreds of millions of dollars (NY Times claims tens of millions) that was a very detailed network of implants that was basically a point and click shutting down of everything from their power grid to communications and air defense.

Also I am not that up on my China/North Korea relations, but I can’t imagine China REALLY wants to see North Korea with advanced nuclear ICBMs - wouldn’t surprise me if they are cooperating as long as we kept it secret.

Not saying we did do it, although I find it hard to believe Trump could contain himself from taking credit, but who knows - he hasn’t been bragging about much of what we are doing behind the scenes (if memory serves - I think he’s only crowed loudly about the Yemen raid and the Syria 59 missile strike).

But even if we didn’t do it - I’m betting we could (or something very similar).

Another possibility is it wasn’t a cyber attack, but something else :)

AQ Khan centrifuges which he sold were the P1 and P2 type centrifuges, which the Iranians used as the basis for IR 1. The P1 especially was not suitable for enriching HEU and was mostly a proof of concept for centrifuge design, which is why AQ could sell it. The P2 was more advanced, but needed special maraging steel in its bellows which the Iranians could not manufacture. They used much less capable and reliable carbon fibre instead. All in all, the Iranian centrifuges were and are lousy without help from Israeli or American viruses.

China is entirely plausibly doing such on their own, then pointing subtle fingers at the West (DPRK would be eager to leap on that anyway). They REALLY don’t want a DPRK with realized deliverable capacity. A DPRK that has impending delivery capacity, though, is diplomatically useful.

Or, it may be that he’s been ‘compartmented’ out of the loop. :P

Uhh, I have a few questions, not trying to hijack the thread or anything, but I’m just slightly curious, it’s all mostly on-topic, though.

Why don’t they just buy some already tried-and-tested rocket designs from someone else and then just load them to their requirements?

Why does Stuxnet work? Why do the factories not just use mechanical, non-computerized switches and controls? How come no-one noticed the wrong fuel mixture in the fuel mixing tank? Surely the fuel should be tested before it gets loaded into a rocket with a nuclear warhead strapped to it? What if it detonated over their own city?

Why do the missiles not just use a non-networked black box setup where all the flight data would be recorded on the storage device inside the box?

Why are the USB sockets not guarded by a security guard + requests permission + a data transferring on/off switch (off is just electricity, on is sharing data)? So for example you cannot just plug a USB device into a socket to charge your phone, or “because I need something quick”, no, you need a specific reason, verification from your superior, and some sort of actual extremely thorough investigation on what the purpose of your actions are. So basically like booking in a hotel room, you cannot just rock up and expect a room, you must book your USB plug in advance, while your superiors check EVERYTHING, including the USB drive, and make sure it is actually required at all.

There’s an entire international industry aimed at preventing proliferation. Add that, at least in DPRK’s case, they’re really unpopular.

Because Enrichment is HARD. You need VERY precise and expensive machinery, and there are rather few controllers suitable for operating those machines - It’s FAR cheaper to buy Commercial-off-the-shelf than it is to develop from scratch.

Rocket Science is likewise hard - There’s a reason that people use “Rocket Science” as a code phrase for “Mentally Difficult.”

This is done sometimes - when you expect the missile to land somewhere you can control access. A thousand miles away over ocean? Even if your foes don’t get there first, well, the ocean is deep.

Gods, I WISH the DPRK would sabotage their R&D in this manner! Heh! They’d learn how to launch an IRBM sometime in the year 3417.