North Korea’s Cyber War Forces

The picture above shows North Korea at night. Yes, North Korea is the big black void circled in red, surrounded by all the other countries that are lit up like Christmas trees. So how is this nation, boasting about 30 external-facing websites (all run by the government), such a threat to the cyber world?

Especially when compared to S. Korea (the glowing peninsula below N. Korea) which is one of the most connected countries in the world.

According to Richard A. Clarke’s book “Cyber War: The Next Threat to National Security and What to Do About It” (excellent book, by the way), North Korea, one of the least connected countries in the world, has one of the most advanced cyber war programs.

So how can this be?

North Korea has four known cyber warfare units and Clarke states that the cyber forces are broken down as follows:

  • Unit 110 – Also known as the “Technology Reconnaissance Team”, it was most likely responsible for the July 2009 DDoS attacks against the US and South Korea.
  • Unit 35 – Also known as the “Central Party’s Investigations Department”, it is the smallest group but is responsible for both internal defense and offensive capabilities.
  • Unit 204 – Also known as the “Enemy Secret Department Cyber Psychological Warfare Unit”, it has about 100 hackers.
  • Unit 121 – Also known as the “Korean People’s Army (KPA) Joint Chiefs Cyber Warfare Unit”, it has over 600 hackers and would be responsible for disabling South Korea’s C3 functions (Command, Control and Communications) in case of armed conflict.

North Korean students who show aptitude are selected from elementary schools and are groomed in cyber warfare throughout their college years. They constantly hone their skills and even attend foreign colleges to learn the latest security techniques.

But if North Korea is so unconnected, it would seem to be very easy to detect attacks coming from these specialized units and shut them down. This would be the case, but many of these units are not even stationed in North Korea. They operate out of China!

According to the book, anywhere from 600 to 1,000 Korean cyber war agents are working out of China. Apparently two suspected bases of operations are located at hotels in Sunyang and Dandong.

With the flood of cyber attacks coming out of China, one has to wonder: is it really North Korean hackers behind it all? Or are the Chinese and Korean hackers acting as one and the same?


6 thoughts on “North Korea’s Cyber War Forces”

  1. I don't think DPRK has the capabilities for hacking US and South Korea even though they have organized special units for this. We know how US and South Korea are well advanced in terms of technologies and knowledge about cyber space.

    1. The North Korean cyber attacks against S. Korea and the US are fairly well documented.

      True, the US does have very strong offensive cyber capabilities. But our problem is defensive. We have so many connected systems with various levels of security. Attacks against the US are getting much more sophisticated also. Many big-name US tech firms have been hacked in the last year alone.

      And the North Koreans are not acting alone. They get a lot of cyber training and support from the Chinese.

