
North Korea: Assessing Its Cyber Capabilities

It would seem likely that many have over-estimated the ability of a likely budding cyber program. The North Korean regime is not unlike a multitude of other nations who are all scrambling to acquire necessary cyber capabilities.

Edward Snowden has recently given the world a glimpse into the cyber capability of the United States, but what of other nations' cyber strength? In 2013 the DPRK has been the subject of a number of conflicting reports about its cyber potential. One minute it is a rogue state intent on attacking its rivals with a dedicated band of "cyber warriors" who are determined to disrupt an enemy's cyberspace and key infrastructure. The next minute it is hacked, compromised and humiliated. Can we deduce anything from the recent reports into the DPRK's cyber capability and come up with a clearer assessment?

In May 2013 the United States Department of Defense handed a report to Congress detailing the build-up of DPRK cyber infrastructure, and after recent revelations it might be safe to assume they know what they are talking about. Varying reports have also claimed that the DPRK possesses a force of around 3,000-4,000 devoted "cyber warriors". This has worried many, including the South Korean defence chief, who is urging the ROK to accelerate its cyber program to deal with the increasing DPRK cyber threat. The defence chief and other commentators often point to the March 2013 cyber attacks that brought down around 48,000 computers, causing havoc at banking institutions and television stations. North Korea was blamed for the attack even though it denied involvement.

These accounts suggest that the DPRK has a powerful and sophisticated cyber unit. It would certainly make a lot of sense for Kim Jong-Un to develop an effective cyber troop. Cyber attacks would be a very useful tool for a nation that is unable to challenge its rivals conventionally. It clearly does not possess the same material capabilities as the United States or South Korea, so cyberspace is an alluring level playing field with opportunities to cause real disruption with few ramifications. Cyber attacks remain a low-risk tactic because it is extremely difficult to ascertain their origin; such is the sophistication with which one can cover up one's cyber footprints. The DPRK would also not have failed to notice that its main enemies are far more 'connected' than itself. The DPRK has less to fear if threatened by cyber retaliation, as its key infrastructure and networks are unlikely to be dependent on cyberspace, unlike those of South Korea or the United States. Therefore it remains a possibility that the DPRK has a strong cyber force that has already flexed its cyber muscles.

The opposite story also remains feasible. Anonymous has announced that it has breached the North Korean firewall and stolen sensitive documents. It is due to release some of these documents on the 25th of June and hand the rest over to WikiLeaks. Some experts have doubted the authenticity of the claims, but Anonymous does have good form in this area. In April 2013 it managed to hack into Uriminzokkiri (우리민족끼리), a website that relays official North Korean news, and access its membership list.

These conflicting reports paint a different picture and suggest that the North Korean cyber defences may not be as advanced as many have feared. If Anonymous has been able to access top secret files with relative impunity, then it calls into question the assumption that the DPRK has developed a sufficient force to really threaten the ROK or the United States.

So what can we make of the dual assertions of perceived DPRK strength and weakness in the cyber sphere? As with most DPRK stories, it is hard to know exactly because of the opaqueness of the political system, but it would seem likely that the North Korean regime would have invested in cyber security. The incentives seem too tempting for a nation that is so heavily sanctioned and unable to compete conventionally. On the other hand, if Anonymous has the ability to breeze past the North Korean firewall, once thought impervious, then you must assume other nations already have that ability too. United States Cyber Command is well funded and has a high level of expertise. If there is a way in, you'd assume they've already found it. The North Korean regime has already accused the United States of persistent attacks, which comes as little surprise, but the true extent of how successful they have been is unknown. It makes sense for the United States to bide its time and not reveal how far it has penetrated: in the current cyber climate, launching an attack would not be the best publicity for the nation right now.

Therefore it would seem likely that many have over-estimated the ability of a likely budding cyber program. The North Korean regime is not unlike a multitude of other nations who are all scrambling to acquire necessary cyber capabilities. Cyber is the newest domain of warfare and has a dangerous lack of norms and rules. All signs point to it becoming the most popular arena to do battle in. North Korea will be acutely aware of this and while it may possess a cyber force, it seems unlikely after recent Anonymous attacks that it is as advanced as top officials may believe.