October 3, 2018 | Press Release

North Korean cyber attacks complement its nuclear capabilities: FDD Study

New report finds cyber campaigns are part of Pyongyang’s war and peacetime strategies

(Washington, D.C., October 3, 2018) – While North Korea’s cyber capabilities cannot match those of China or Russia, Pyongyang’s operatives are making significant improvements and pose a threat to U.S. economic and national security, according to a new report issued today by the Foundation for Defense of Democracies (FDD).

Mathew Ha and David Maxwell write in “Kim Jong Un’s ‘All-Purpose Sword’: North Korean Cyber-Enabled Economic Warfare,” that even as Kim Jong Un’s nuclear and ballistic missile arsenals present the most pressing threat, cyber campaigns complement North Korea’s conventional and unconventional military capabilities and broaden the regime’s toolkit for threatening the military and economic assets of the United States and its South Korean ally.

Whether or not Pyongyang decides to limit its nuclear weapons program, the regime is likely to use malicious cyber activity to engage in provocative behavior below the threshold of war to win political and economic concessions that ensure the Kim family regime’s survival.

“Showcasing and testing nuclear weapons and ballistic missiles was the cornerstone of this strategy,” the authors explain. Today, cyber-enabled economic warfare operations provide a potential low-cost, alternative tool to extort concessions by threatening U.S. and South Korean critical infrastructure and industries.

“Fifteen or even 10 years ago, when analyzing potential blowback to U.S. sanctions on North Korea or U.S.-South Korean military exercises, there was never a consideration of the Kim regime’s ability to target the U.S. economy,” said Samantha Ravich, senior advisor and Principal Investigator of FDD’s cyber-enabled economic warfare (CEEW) project. “Now, North Korea has one of the most capable and aggressive cyber operations. Facing intense U.S. economic sanctions, Pyongyang may consider using its cyber capabilities to attack the U.S. economy.”

Ha, an FDD research associate, and Maxwell, a Senior Fellow specializing in North Korea, conclude that while the majority of North Korea’s malicious cyber activity today is “focused on making – or stealing – money for the regime or on collecting data, the technical capabilities that the regime is perfecting could be leveraged in cyber-enabled economic warfare operations.” This assessment aligns with current trends in the cyber threat landscape: as most malign cyber actors are focused on revenue generation, many increasingly have the capabilities and inclinations to engage in destructive attacks.

The authors propose six policy recommendations the U.S. government should consider when addressing the specific cyber threats from North Korea.

This report is the third in a series of studies on the capabilities and strategies of U.S. adversaries to engage in CEEW against America and its allies. The previous reports examined the strategies of the Russian government and the Chinese Communist Party.

For media inquiries, contact [email protected] or 202.403.2904.

About FDD:
The Foundation for Defense of Democracies (FDD) is a Washington, DC-based non-partisan policy institute focusing on foreign policy and national security. Visit our website at http://www.defenddemocracy.org/and connect with us on TwitterFacebook, and YouTube.


Blockchain and Digital Currencies Cyber Cyber-Enabled Economic Warfare North Korea