Let’s hope Trump didn’t give Kim Jong Un the wrong ‘direct number’
President Trump’s historic meeting with Kim Jong-Un may not have resulted in the complete de-nuclearization of the Korean Peninsula, but it did lead to a fascinating exchange in which the President claims to have given Kim a “very direct number” if the North Korean leader “has any difficulty.” Wired raises an interesting point about the situation, though: given President Trump’s attempts to keep his own smartphones away from security-minded staffers, is it possible he inadvertently created a potential security nightmare by giving Kim his personal phone number?
There’s no way to know for sure from the outside, but let’s hope not. If he in fact gave Kim his personal phone number, there are several avenues Kim’s intelligence corps could approach from. A known flaw in Signaling System 7 — the protocol used to allow roaming and ensure that data can pass between different wireless carrier networks — could feasibly be used to monitor phone calls, text messages and even device locations. Needless to say, having that sort of awareness of a sitting president’s actions has the potential to be highly destabilizing.
Putting fundamental network vulnerabilities aside, there’s also the issue of malware to contend with. North Korea has long leaned on malicious software to infiltrate networks and generally wreak havoc — remember the WannaCry cyber-nightmare that held businesses and hospitals ransom last year? Yeah, North Korea. Analysts from the Department of Homeland Security and the FBI have filed no less than eleven reports describing the tactics and behaviors of North Korean malware since last year, including one that was published just days after President Trump’s historic summit with Kim Jong-Un in Singapore.
While much of the conversation around North Korean malware deals with PC exploits, the country isn’t foreign to more mobile kinds of attacks. Reports from last year indicated that the NK-affiliated Lazarus Group (best known for its role in the massive Sony Pictures hack) successfully propagated malware targeted at South Korean citizens by embedding it in a free Bible app. And earlier this year, McAfee researchers reported that North Korea’s Sun Team successfully targeted defectors who had fled to South Korea with a trio of apps that hid in Google’s Play Store. It’s fairly unlikely that President Trump would blindly install an app from a link received by, say, SMS, but given North Korea’s sometimes surprising talent for technical espionage, we should hope the president gave Kim some other phone number instead.