Critical Read

Gauging North Korea's cyber operations

Photo credit: GongTo /

What: A report on North Korea's cyberspace operations from the Center for Strategic and International Studies

Why: When ranking nation-states' cyber capabilities, U.S. officials often put North Korea in the second tier with Iran, somewhere behind Russia and China. With reports this week of South Korea being on high alert for cyberattacks from the North, a new CSIS report examines what Kim Jong Un's regime is capable of in the digital realm.

The destructive cyberattack in November 2014 on Sony Pictures Entertainment, attributed by federal officals to North Korea, brought renewed attention on Pyongyang's capabilities in cyberspace. North Korea has also been blamed for March 2013 cyberattacks on South Korean banks and media organizations.

Those two offensives have shown that North Korea is "capable of conducting damaging and disruptive cyberattacks during peacetime," the CSIS report states. "North Korea seems heavily invested in growing and developing its cyber capabilities for both political and military purposes."

The report regards North Korea's pursuit of cyber capabilities as another example of the Hermit Kingdom's quest for asymmetric military advantage on the Korean peninsula. That pursuit exploits a truism of cyberspace: it can cost inordinately more to recover from an attack than it does to execute one.

In wartime, the North Korean regime would shift to targeting the command and control networks of the South Korean and American militaries, the report predicts.

"North Korean cyber doctrine, if one exists, may be premised on the idea that an extensively networked military is vulnerable to cyber capabilities," the authors write. A recognition of the U.S. military's reliance on networked communications for operations is precisely what has spurred U.S. defense officials to invest more heavily in cyber defense.  

Most of the North Korea government's cyber capabilities generally reside in two organizations, according to the report: the Reconnaissance General Bureau handles peacetime operations while the General Staff Department in the North Korean army calls the digitals shots in wartime.

RGB had a hand in the Sony Pictures hack, according to the report, while the army unit may be preparing to couple future kinetic assaults with computer attacks. Pyongyang will likely further integrate cyber units into conventional military forces, the report predicts.

Verbatim: "In response to the cyberattack against Sony [Pictures] in November 2014, policymakers did not have an established menu of proportional response options, thus hindering the ability of the United States to respond quickly and send a clear signal. Establishing a declared policy allows for more timely responses and may have deterrent effects."

Click here to read the full report. 

About the Author

Sean Lyngaas is a former FCW staff writer.


  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.