Gauging North Korea's cyber operations
- By Sean Lyngaas
- Jan 27, 2016
What: A report on North Korea's cyberspace operations from the Center for Strategic and International Studies
Why: When ranking nation-states' cyber capabilities, U.S. officials often put North Korea in the second tier with Iran, somewhere behind Russia and China. With reports this week of South Korea being on high alert for cyberattacks from the North, a new CSIS report examines what Kim Jong Un's regime is capable of in the digital realm.
The destructive cyberattack in November 2014 on Sony Pictures Entertainment, attributed by federal officals to North Korea, brought renewed attention on Pyongyang's capabilities in cyberspace. North Korea has also been blamed for March 2013 cyberattacks on South Korean banks and media organizations.
Those two offensives have shown that North Korea is "capable of conducting damaging and disruptive cyberattacks during peacetime," the CSIS report states. "North Korea seems heavily invested in growing and developing its cyber capabilities for both political and military purposes."
The report regards North Korea's pursuit of cyber capabilities as another example of the Hermit Kingdom's quest for asymmetric military advantage on the Korean peninsula. That pursuit exploits a truism of cyberspace: it can cost inordinately more to recover from an attack than it does to execute one.
In wartime, the North Korean regime would shift to targeting the command and control networks of the South Korean and American militaries, the report predicts.
"North Korean cyber doctrine, if one exists, may be premised on the idea that an extensively networked military is vulnerable to cyber capabilities," the authors write. A recognition of the U.S. military's reliance on networked communications for operations is precisely what has spurred U.S. defense officials to invest more heavily in cyber defense.
Most of the North Korea government's cyber capabilities generally reside in two organizations, according to the report: the Reconnaissance General Bureau handles peacetime operations while the General Staff Department in the North Korean army calls the digitals shots in wartime.
RGB had a hand in the Sony Pictures hack, according to the report, while the army unit may be preparing to couple future kinetic assaults with computer attacks. Pyongyang will likely further integrate cyber units into conventional military forces, the report predicts.
Verbatim: "In response to the cyberattack against Sony [Pictures] in November 2014, policymakers did not have an established menu of proportional response options, thus hindering the ability of the United States to respond quickly and send a clear signal. Establishing a declared policy allows for more timely responses and may have deterrent effects."
Click here to read the full report.
Sean Lyngaas is an FCW staff writer covering defense, cybersecurity and intelligence issues. Prior to joining FCW, he was a reporter and editor at Smart Grid Today, where he covered everything from cyber vulnerabilities in the U.S. electric grid to the national energy policies of Britain and Mexico. His reporting on a range of global issues has appeared in publications such as The Atlantic, The Economist, The Washington Diplomat and The Washington Post.
Lyngaas is an active member of the National Press Club, where he served as chairman of the Young Members Committee. He earned his M.A. in international affairs from The Fletcher School of Law and Diplomacy at Tufts University, and his B.A. in public policy from Duke University.
Click here for previous articles by Lyngaas, or connect with him on Twitter: @snlyngaas.