Our Approach

Definitive Guide to Ransomware

Threat profileNorth Korea

Characterizing for North Korea in cyberspace, is that it showcases how possessing offensive cyber capabilities can be a very attractive way of countering conventional military strength, whilst keeping costs and risks relatively low. What is certainly unique to North Korea, is that it actively uses its cyber capabilities to steal money to fund its nuclear and ballistic missile programs.

Request a free membership to access our full research insights

  • Strategic motives: Espionage, information theft, disruption, financial gain
  • Strategic goals: Ensuring the continuity of the regime; becoming completely self-reliant
  • Cyber capabilities: ★★★☆☆
  • Number of known cyber operations: ★★☆☆☆
  • Number of APTs: 19

Top-5 Actors

By amount of operations

North Korean APTs

OUR OBSERVATIONS

0

Advanced Persistent Threats (APTs)

0

Tactics, Techniques & Procedures (TTPs)

0

Attack tools

SWOT analysis

Strengths, weaknesses, opportunities & threats

Strengths

  • Unlimited support from the regime
  • Large number of specialized cyber units (espionage, disruption, financial gain) with sophisticated capabilities

Weaknesses

  • Relatively weak defensive cyber capabilities
  • Longstanding economic sanctions that limit access to knowledge, technology and other ‘wealth-creation opportunities’
  • Limited access to highly skilled personnel and internet technologies

Opportunities

  • Using cyber to counter conventional military strength, (mis)using the factor of ‘plausible deniability’
  • Use of cyber capabilities to attack financial targets (e.g. crypto exchanges) to fund the regime
  • Conducting operations from other countries where there is no risk of extradition (e.g. China)
  • Conducting cyber espionage operations to obtain IP and high-tech knowledge to modernize own key industries (e.g. defense, manufacturing, high-tech)

Threats

  • Operating in limitations, such as power cutdowns and very limited international internet gateways
  • Target of disruptive / espionage cyber operations by other nation states
  • Issuing of more sanctions
  • Adversaries denying North Korea internet access

Interested in our fully detailed country analysis?

Our articles covering North Korean threats

From Hunt & Hackett experts

Learn more about our threat research?