North Korea: Cyber Mad Dogs or Bluster Kings?

Has the manic hornet’s nest that is North Korea been stirred so much by the UN’s reaction to its missile launch that the Dear Leader bunch might launch a cyber attack on the members of the Security Council? Kevin Coleman, who regularly writes on cyber war issues for DefenseTech, has a penetrating analysis of North Korea’s cyber capabilities and discusses the chances North Korea might launch a cyber attack. He notes that, while the North Koreans spend only an estimated $56 million annually on their cyber troops, they are ranked eighth in the world in terms of effectiveness.

Kevin’s piece follows:

North Korea warned the United Nations Security Council on April 7th, 2009 that it would take “strong steps” if the fifteen nation body took any action in response to Pyongyang’s launch of a long-range rocket three days earlier. The United States voiced its displeasure calling the launch a “provocative act” that violated a 2006 Security Council resolution prohibiting Pyongyang from conducting ballistic missile launches.

On April 13th, 2009 the United Nations Security Council in a “Presidential Letter” condemned North Korea’s April 5th rocket launch and demanded that Pyongyang not conduct further tests, saying that it would expand existing sanctions against North Korea. The 15 member Security Council voted unanimously for the statement by the council’s president demanding the country make no more launches. This response was one level below a formal resolution.

On April 17th, 2009 Washington increased pressure on North Korea by warning of “consequences” for its recent rocket launch and the latest decision to kick out nuclear inspectors. A State Department spokesperson said that “North Korea has not listened to the will of the international community, and therefore it’s going to have to face the consequences from its unwillingness to meet the international community’s requirements.”

North Korea quickly responded, saying it would regard any sanctions or pressure put upon it as a declaration of undisguised confrontation and a declaration of war against the DPRK. The North Korean spokesman reportedly said, “There is no limit to the strike to be made by the revolutionary armed forces of the DPRK.” North Korea has reacted to the criticism with more than just words. They expelled all nuclear weapons inspectors and declared that they will resume work on nuclear weapons.

Most military strategists agree that cyber attacks are an excellent first strike weapon. In these specific circumstances, cyber attacks might be considered by Pyongyang as an appropriate and proportional response to the U.N. Security Council’s condemnation and reinforcement of existing sanctions. High-probability targets if the DPRK launches cyber attacks include South Korea and the fifteen countries that make up the current U.N. Security Council: the permanent members (China, France, the Russian Federation, the United Kingdom and the United States) and the ten non-permanent members (Austria, Japan, Uganda, Burkina Faso, Libyan Arab Jamahiriya, Vietnam, Costa Rica, Mexico, Croatia and Turkey). This calls for increased vigilance by cyber security professionals guarding the critical infrastructure of the targets identified above.

North Korean Cyber Capabilities Estimate:

Unit: 121

Established: 1998

Force Size: 12,000 declining

Cyber Budget: $56+ million.

Goal: To increase their military standing by advancing their asymmetric and cyber warfare capabilities.

Experience: Hacked into South Korea and caused substantial damage; hacked into the U.S. Defense Department Systems.

Threat Rating: North Korea is ranked 8th on the cyber capabilities threat matrix developed in August 2007 and updated February 2009.

Cyber Intelligence/Espionage: Basic to moderately advanced weapons with significant ongoing development into cyber intelligence.

Offensive Cyber Weapons: North Korea now has the technical capability to construct and deploy an array of cyber weapons. They have moderately advanced distributed denial of service (DDoS) capabilities with moderate virus and malicious code capabilities. Hacking capabilities are moderate to strong with an experience rating of limited to moderate.

Join the Conversation

Twelve thousand “cyber troops”? Annual spending of $56 million? Where does he get these estimates? What hard information is there that could be believed?

The North Koreans have been working on ballistic missiles for decades, and so far, can’t manage the accuracy that Wernher von Braun attained (such as it was) in the 1940s. If the Dear Leader’s boys are #8 on the cyber warfare list, my guess is that there’s some miscreant kid down the street from me who should be ranked seventh.

And who calls Libya the “Libyan Arab Jamahiriya”, except Qaddafi and his cronies? Really.

I agree with James, North Korea could and will become a serious problem if we do not deal with them now.

In answer to your question, we began tracking and estimating cyber capabilities back in 2001. We examine military budgets, attacks attributed to the entity, education, technical and scientific research and capabilities, internet connectivity, infrastructure, political motivations, export and import data on computer equipment and coordinated military exercises with other countries as well as several other factors that cannot be disclosed. Our analysis has been referenced by US Strategic command in their testimony before congressional commissions. In addition we are used by military and intelligence entities for our insight and foresight. Intelligence analysis collects all available data and comes up with an educated estimate of capabilities.

It has been a long time since we have been concerned about “miscreant kids.” The complexity of many attacks and sophistication of the code left behind from attacks has risen far beyond the capability of kids!

“Miscreant kids” were largely responsible for the cyber attack on Georgia, even though it was more of an annoyance than a really damaging cyber attack.

Don’t underestimate the power of politically motivated youth with access to a tool suite. And there is no inherent superiority of “military” cyber attack suites as opposed to non-military ones. The complexity and ingenuity of the Conficker worm is proof of that.

Please stop using the terms ‘cyber attacks’ and ‘DDOS attacks’ interchangeably. Exploits for zero day vulnerabilities are a far different animal than some silly bandwidth competition from 2001.

Brian you bring up an excellent point.

Unless there is global cooperation investigating these events, you really have a difficult time uncovering who is behind a cyber attack. That is why when I spoke at the United Nations I suggested the UN get a cooperation agreement in place to assist in bringing those behind cyber attacks to justice. However, the attacks on South Korea were not done by kids. North Korea’s capabilities should not be brushed aside lightly.

As long as we are tied to a Windows based infrastructure we will be at risk.

MacMan you are partially correct but not 100%. As long as a system/node has access to an unsecured medium such as the World Wide Web it is vulnerable, regardless of its operating system.

Kevin — Well written response and I’ve had the pleasure of reading some of your organization’s briefings and I must say that they are very spot on and detailed. Just an FYI for everyone these guys are CPISC certified and very much so know what they are talking about.

Brian — Not really. Those were not “kids”.

Mac OS X is the most secure operating system right out of the box bar none.
With the right…enhancements it is ironclad. However you are correct when you state that additional precautions are always prudent.

Unfortunately the military isn’t drawing pretty pictures and making awesome YouTube movies all the time. Otherwise yes, a Mac would be the perfect OS of choice.

They will never. If they indeed caused damage to all members of the security council including China and Russia, they could just as well start digging graves. That would be an invitation for expanded sanctions, possibly even military intervention or threat thereof much like the circus going on before latest Iraq war.

Matt, if you knew anything about what you were talking about, you’d know that a Mac is great for anything you use it for.

Since you don’t, you make comments like you do, living in a cave.

I believe it’s OpenBSD which is the OS with the least amount of vulnerabilities. Its holes can be counted on two hands. I’m not an expert, just passing along something I heard.

Mark is right. The Mac is the most secure platform on the market. It’s not about market share, but the technology.
I have noticed that these people who bash the Mac OS know little or nothing about it.

