Kim Jong Un’s ‘All-Purpose Sword’ North Korean Cyber-Enabled Economic Warfare
Contents
FOUNDATION FOR DEFENSE OF DEMOCRACIES
Kim Jong Un’s ‘All-Purpose Sword’
North Korean Cyber-Enabled
Economic Warfare
Mathew Ha & David Maxwell
October 2018
Kim Jong Un’s ‘All-Purpose Sword’
North Korean Cyber-Enabled
Economic Warfare
Mathew Ha
David Maxwell
October 2018
FDD PRESS
A division of the
FOUNDATION FOR DEFENSE OF DEMOCRACIES
Washington, DC
Kim Jong Un’s ‘All-Purpose Sword:’ North Korean Cyber-Enabled Economic Warfare
Table of Contents
EXECUTIVE SUMMARY...................................................................................................................... 6
CYBER IN THE CONTEXT OF NORTH KOREA’S STRATEGIC OUTLOOK.............................. 7
NORTH KOREAN CYBER PERSONNEL, TOOLS, RESOURCES,
AND INTERNET INFRASTRUCTURE.............................................................................................. 10
Bureaucratic Structures...................................................................................................................................11
The Lazarus Group...........................................................................................................................................13
Educational Institutions and Research Centers...........................................................................................14
Network and Internet Infrastructure.............................................................................................................16
North Korea’s IT Industry...............................................................................................................................17
NORTH KOREAN CYBER TACTICS AND CAPABILITIES:
CASE STUDIES AND LESSONS LEARNED...................................................................................... 18
Case Study 1: Economic Attacks – Ten Days of Rain (2011) and DarkSeoul Attack (2013).................19
Case Study 2: Cyber Terrorism – Sony Hack (2014)...................................................................................20
Case Study 3: Extortion – Korea Hydro and Nuclear Power (2015).........................................................22
Case Study 4: Cyber-enabled Theft – SWIFT and Cryptocurrency Exchanges (2016-2017)................23
Case Study 5: Cyber-enabled Theft – WannaCry (2017)............................................................................24
Case Study 6: Reconnaissance – Reaper and Operation GhostSecret …
Kim Jong Un’s ‘All-Purpose Sword’
North Korean Cyber-Enabled
Economic Warfare
Mathew Ha & David Maxwell
October 2018
Kim Jong Un’s ‘All-Purpose Sword’
North Korean Cyber-Enabled
Economic Warfare
Mathew Ha
David Maxwell
October 2018
FDD PRESS
A division of the
FOUNDATION FOR DEFENSE OF DEMOCRACIES
Washington, DC
Kim Jong Un’s ‘All-Purpose Sword:’ North Korean Cyber-Enabled Economic Warfare
Table of Contents
EXECUTIVE SUMMARY...................................................................................................................... 6
CYBER IN THE CONTEXT OF NORTH KOREA’S STRATEGIC OUTLOOK.............................. 7
NORTH KOREAN CYBER PERSONNEL, TOOLS, RESOURCES,
AND INTERNET INFRASTRUCTURE.............................................................................................. 10
Bureaucratic Structures...................................................................................................................................11
The Lazarus Group...........................................................................................................................................13
Educational Institutions and Research Centers...........................................................................................14
Network and Internet Infrastructure.............................................................................................................16
North Korea’s IT Industry...............................................................................................................................17
NORTH KOREAN CYBER TACTICS AND CAPABILITIES:
CASE STUDIES AND LESSONS LEARNED...................................................................................... 18
Case Study 1: Economic Attacks – Ten Days of Rain (2011) and DarkSeoul Attack (2013).................19
Case Study 2: Cyber Terrorism – Sony Hack (2014)...................................................................................20
Case Study 3: Extortion – Korea Hydro and Nuclear Power (2015).........................................................22
Case Study 4: Cyber-enabled Theft – SWIFT and Cryptocurrency Exchanges (2016-2017)................23
Case Study 5: Cyber-enabled Theft – WannaCry (2017)............................................................................24
Case Study 6: Reconnaissance – Reaper and Operation GhostSecret …