Threat profileNorth Korea
Characterizing for North Korea in cyberspace, is that it showcases how possessing offensive cyber capabilities can be a very attractive way of countering conventional military strength, whilst keeping costs and risks relatively low. What is certainly unique to North Korea, is that it actively uses its cyber capabilities to steal money to fund its nuclear and ballistic missile programs.
Request a free membership to access our full research insights
Already a member? Login here
- Strategic motives: Espionage, information theft, disruption, financial gain
- Strategic goals: Ensuring the continuity of the regime; becoming completely self-reliant
- Cyber capabilities: ★★★☆☆
- Number of known cyber operations: ★★☆☆☆
- Number of APTs: 19
Top-5 Actors
By amount of operations
North Korean APTs
OUR OBSERVATIONS
0
Advanced Persistent Threats (APTs)
0
Tactics, Techniques & Procedures (TTPs)
0
Attack tools
SWOT analysis
Strengths, weaknesses, opportunities & threats
Strengths
- Unlimited support from the regime
- Large number of specialized cyber units (espionage, disruption, financial gain) with sophisticated capabilities
Weaknesses
- Relatively weak defensive cyber capabilities
- Longstanding economic sanctions that limit access to knowledge, technology and other ‘wealth-creation opportunities’
- Limited access to highly skilled personnel and internet technologies
Opportunities
- Using cyber to counter conventional military strength, (mis)using the factor of ‘plausible deniability’
- Use of cyber capabilities to attack financial targets (e.g. crypto exchanges) to fund the regime
- Conducting operations from other countries where there is no risk of extradition (e.g. China)
- Conducting cyber espionage operations to obtain IP and high-tech knowledge to modernize own key industries (e.g. defense, manufacturing, high-tech)
Threats
- Operating in limitations, such as power cutdowns and very limited international internet gateways
- Target of disruptive / espionage cyber operations by other nation states
- Issuing of more sanctions
- Adversaries denying North Korea internet access
Our articles covering North Korean threats
From Hunt & Hackett experts