WASHINGTON — Three years ago, President Barack Obama ordered Pentagon officials to step up their cyber and electronic strikes against North Korea's missile program in hopes of sabotaging test launches in their opening seconds.
Soon, a large number of the North's military rockets began to explode, veer off course, disintegrate in midair and plunge into the sea. Advocates of such efforts say they believe that targeted attacks have given U.S. antimissile defenses a new edge and delayed by several years the day when North Korea will be able to threaten U.S. cities with nuclear weapons launched atop intercontinental ballistic missiles.
But other experts have grown increasingly skeptical of the new approach, arguing that manufacturing errors, disgruntled insiders and sheer incompetence can also send missiles awry. Over the past eight months, they note, the North has managed to successfully launch three medium-range rockets. And Kim Jong Un, the North Korean leader, now claims his country is in "the final stage in preparations" for the inaugural test of his intercontinental missiles — perhaps a bluff, perhaps not.
An examination of the Pentagon's disruption effort, based on interviews with officials of the Obama and Trump administrations as well as a review of extensive but obscure public records, found that the United States still does not have the ability to effectively counter the North Korean nuclear and missile programs. Those threats are far more resilient than many experts thought, The New York Times' reporting found, and pose such a danger that Obama, as he left office, warned President Donald Trump they were likely to be the most urgent problem he would confront.
Trump has signaled his preference to respond aggressively against the North Korean threat. In a Twitter post after Kim first issued his warning on New Year's Day, the president wrote, "It won't happen!" Yet like Obama before him, Trump is quickly discovering he must choose from highly imperfect options.
He could order the escalation of the Pentagon's cyber and electronic warfare effort, but that carries no guarantees. He could open negotiations with the North to freeze its nuclear and missile programs, but that would leave a looming threat in place. He could prepare for direct missile strikes on the launch sites, which Obama also considered, but there is little chance of hitting every target. He could press the Chinese to cut off trade and support, but Beijing has always stopped short of steps that could lead to the regime's collapse.
In two meetings of Trump's national security deputies in the Situation Room, the most recent on Tuesday, all those options were discussed, along with the possibility of reintroducing nuclear weapons to South Korea as a dramatic warning. Administration officials say those issues will soon go to Trump and his top national security aides.
The decision to intensify the cyber and electronic strikes, in early 2014, came after Obama concluded that the $300 billion spent since the Eisenhower era on traditional antimissile systems, often compared to hitting "a bullet with a bullet," had failed the core purpose of protecting the continental United States. Flight tests of interceptors based in Alaska and California had an overall failure rate of 56 percent, under near-perfect conditions. Privately, many experts warned the system would fare worse in real combat.
So the Obama administration searched for a better way to destroy missiles. It reached for techniques the Pentagon had long been experimenting with under the rubric of "left of launch," because the attacks begin before the missiles ever reach the launchpad, or just as they lift off. For years, the Pentagon's most senior officers and officials have publicly advocated these kinds of sophisticated attacks in little-noticed testimony to Congress and at defense conferences.
The Times inquiry began last spring as the number of the North's missile failures soared. The investigation uncovered the military documents praising the new antimissile approach and found some pointing with photos and diagrams to North Korea as one of the most urgent targets.
After discussions with the office of the director of national intelligence last year and in recent days with Trump's national security team, The Times agreed to withhold details of those efforts to keep North Korea from learning how to defeat them. Last fall, Kim was widely reported to have ordered an investigation into whether the United States was sabotaging North Korea's launches, and over the past week, he has executed senior security officials.
The approach taken in targeting the North Korean missiles has distinct echoes of the U.S.- and Israeli-led sabotage of Iran's nuclear program, the most sophisticated known use of a cyberweapon meant to cripple a nuclear threat. But even that use of the "Stuxnet" worm in Iran quickly ran into limits. It was effective for several years, until the Iranians figured it out and recovered. And Iran posed a relatively easy target: an underground nuclear enrichment plant that could be attacked repeatedly.
In North Korea, the target is much more challenging. Missiles are fired from multiple launch sites around the country and moved about on mobile launchers in an elaborate shell game meant to deceive adversaries. To strike them, timing is critical.
Advocates of the sophisticated effort to remotely manipulate data inside North Korea's missile systems argue the United States has no real alternative because the effort to stop the North from learning the secrets of making nuclear weapons has already failed. The only hope now is stopping the country from developing an intercontinental missile and demonstrating that destructive threat to the world.
"Disrupting their tests," William J. Perry, secretary of defense in the Clinton administration, said at a recent presentation in Washington, would be "a pretty effective way of stopping their ICBM program."
Decades in the making
Three generations of the Kim family have dreamed that their broken, otherwise failed nation could build its own nuclear weapons, and the missiles to deliver them, as the ultimate survival strategy. With nukes in hand, the Kims have calculated, they need not fear being overrun by South Korea, invaded by the United States or sold out by China.
North Korea began seeking an intercontinental ballistic missile decades ago: It was the dream of Kim Il Sung, the country's founder, who bitterly remembered the U.S. threats to use nuclear weapons against the North during the Korean War.
His break came after the collapse of the Soviet Union, when out-of-work Russian rocket scientists began seeking employment in North Korea. Soon, a new generation of North Korean missiles began to appear, all knockoffs of Soviet designs. Though flight tests were sparse, American experts marveled at how the North seemed to avoid the kinds of failures that typically strike new rocket programs, including those of the United States in the late 1950s.
The success was so marked that Timothy McCarthy of the Middlebury Institute of International Studies at Monterey wrote in a 2001 analysis that Pyongyang's record "appears completely unique in the history of missile development and production."
In response, President George W. Bush announced in late 2002 the deployment of antimissile interceptors in Alaska and California. At the same time, Bush accelerated programs to get inside the long supply chain of parts for North Korean missiles, lacing them with defects and weaknesses, a technique also used for years against Iran.
Threat grows in Obama era
By the time Obama took office in January 2009, the North had deployed hundreds of short- and medium-range missiles that used Russian designs and had made billions of dollars selling its Scud missiles to Egypt, Libya, Pakistan, Syria, the United Arab Emirates and Yemen. But it aspired to a new generation of missiles that could fire warheads over much longer distances.
In secret cables written in the first year of the Obama administration, Secretary of State Hillary Clinton laid out the emerging threat. Among the most alarming released by WikiLeaks, the cables described a new path the North was taking to reach its long-range goal, based on a missile designed by the Soviets decades ago for their submarines that carried thermonuclear warheads.
It was called the R-27. Unlike the North's lumbering, older rockets and missiles, these would be small enough to hide in caves and move into position by truck. The advantage was clear: This missile would be far harder for the United States to find and destroy.
"North Korea's next goal may be to develop a mobile ICBM that would be capable of threatening targets around the world," said an October 2009 cable marked "Secret" and signed by Clinton.
The next year, one of the new missiles showed up in a North Korean military parade, just as the intelligence reports had warned.
By 2013, North Korean rockets thundered with new regularity. And that February, the North set off a nuclear test that woke up Washington: The monitoring data told of an explosion roughly the size of the bomb that leveled Hiroshima.
Days after the explosion, the Pentagon announced an expansion of its force of antimissile interceptors in California and Alaska. It also began to unveil its "left of launch" program to disable missiles before liftoff — hoping to bolster its chances of destroying them. Gen. Martin E. Dempsey, the chairman of the Joint Chiefs of Staff, announced the program, saying that "cyberwarfare, directed energy and electronic attack," a reference to such things as malware, lasers and signal jamming, were all becoming important new adjuncts to the traditional ways of deflecting enemy strikes.
He never mentioned North Korea. But a map accompanying Dempsey's policy paper on the subject showed one of the North's missiles streaking toward the United States. Soon, in testimony before Congress and at public panels in Washington, current and former officials and a major contractor — Raytheon — began talking openly about "left of launch" technologies, in particular cyber and electronic strikes at the moment of launch.
The North, meanwhile, was developing its own exotic arsenal. It tried repeatedly to disrupt U.S. and South Korean military exercises by jamming electronic signals for guided weapons, including missiles. And it demonstrated its cyberpower in the oddest of places — Hollywood. In 2014, it attacked Sony Pictures Entertainment with a strike that destroyed about 70 percent of the company's computing systems, surprising experts with its technical savvy.
Last month, a report on cybervulnerabilities by the Defense Science Board, commissioned by the Pentagon during the Obama administration, warned that North Korea might acquire the ability to cripple the U.S. power grid and cautioned that it could never be allowed to "hold vital U.S. strike systems at risk."
Secret push, and new doubts
Not long after Dempsey made his public announcement, Obama and his defense secretary, Ash Carter, began calling meetings focused on one question: Could a crash program slow the North's march toward an intercontinental ballistic missile?
There were many options, some drawn from Dempsey's list. Obama ultimately pressed the Pentagon and intelligence agencies to pull out all the stops, which officials took as encouragement to reach for untested technologies.
The North's missiles soon began to fail at a remarkable pace. Some were destroyed, no doubt, by accident as well as by design. The technology the North was pursuing, using new designs and new engines, involved multistage rockets, introducing all kinds of possibilities for catastrophic mistakes. But by most accounts, the U.S. program accentuated the failures.
The evidence was in the numbers. Most flight tests of an intermediate-range missile called the Musudan, the weapon that the North Koreans showed off in public just after Clinton's warning, ended in flames: Its overall failure rate is 88 percent.
Nonetheless, Kim Jong Un has pressed ahead on his main goal: an intercontinental ballistic missile. Last April, he was photographed standing next to a giant test stand, celebrating after engineers successfully fired off a matched pair of the potent Russian-designed R-27 engines. The implication was clear: Strapping two of the engines together at the base of a missile was the secret to building an ICBM that could ultimately hurl warheads at the United States.
In September, he celebrated the most successful test yet of a North Korean nuclear weapon — one that exploded with more than twice the destructive force of the Hiroshima bomb.
His next goal, experts say, is to combine those two technologies, shrinking his nuclear warheads to a size that can fit on an intercontinental missile. Only then can he credibly claim that his isolated country has the know-how to hit a U.S. city thousands of miles away.
In the last year of his presidency, Obama often noted publicly that the North was learning from every nuclear and missile test — even the failures — and getting closer to its goal. In private, aides noticed he was increasingly disturbed by North Korea's progress.
With only a few months left in office, he pushed aides for new approaches. At one meeting, he declared that he would have targeted the North Korean leadership and weapons sites if he thought it would work. But it was, as Obama and his assembled aides knew, an empty threat: Getting timely intelligence on the location of North Korea's leaders or their weapons at any moment would be almost impossible, and the risks of missing were tremendous, including renewed war on the Korean Peninsula.
For Trump, hard decisions
As a presidential candidate, Trump complained that "we're so obsolete in cyber," a line that grated on officials at the U.S. Cyber Command and the National Security Agency, where billions of dollars have been spent to provide the president with new options for intelligence gathering and cyberattacks. Now, one of the immediate questions he faces is whether to accelerate or scale back those efforts.
A decision to go after an adversary's launch ability can have unintended consequences, experts warn. Once the United States uses cyberweapons against nuclear launch systems — even in a threatening state like North Korea — Russia and China may feel free to do the same, targeting fields of U.S. missiles.
Some strategists argue that all nuclear systems should be off-limits for cyberattack. Otherwise, if a nuclear power thought it could secretly disable an adversary's atomic controls, it might be more tempted to take the risk of launching a pre-emptive attack.
"I understand the urgent threat," said Amy Zegart, a Stanford University intelligence and cybersecurity expert, who said she had no independent knowledge of the U.S. effort. "But 30 years from now, we may decide it was a very, very dangerous thing to do."
Trump's aides say everything is on the table. China recently cut off coal imports from the North, but the United States is also looking at ways to freeze the Kim family's assets, some of which are believed held in Chinese-controlled banks. The Chinese have already opposed the deployment of a high-altitude missile defense system known as THAAD in South Korea; the Trump team may call for even more such systems.
The White House is also looking at pre-emptive military strike options, a senior Trump administration official said, though the challenge is huge given the country's mountainous terrain and deep tunnels and bunkers. Putting U.S. tactical nuclear weapons back in South Korea — they were withdrawn a quarter-century ago — is also under consideration, even if that step could accelerate an arms race with the North.
Trump's "It won't happen!" post on Twitter about the North's ICBM threat suggests a larger confrontation could be looming.
"Regardless of Trump's actual intentions," James M. Acton, a nuclear analyst at the Carnegie Endowment for International Peace recently noted, "the tweet could come to be seen as a 'red line' and hence set up a potential test of his credibility."