Home » Cyber » Cyber Security Center » Inside DPRK’s Unit 121

Inside DPRK’s Unit 121

by Ward Carroll on December 24, 2007

DPRK.jpg

Military planners and security experts have intensified their shouts of concern about the development of cyber weapons and the distinct possibility of a cyber war. Cyber warfare is not new. It has been in modern military doctrine for the past decade not to mention the number of terrorist groups who have threatened the use of cyber weapons against the west. However, what has changed is the number of countries that posess these capabilities today.

The North Korean military created a new unit that focuses solely on cyber warfare. The unit, dubbed Unit 121, was first created in 1998 and has steadily grown in size and capability since then. Interest in establishing cyber war forces shouldn’t come as a surprise to anyone, but North Koreas intense effort stands out among the top ten nations developing cyber weapons.

Unit 121 Capabilities Assessment:

Force Size: Originally 1,000 — Current Estimate:17,000

Budget: Total military budget $6 billion USD. Cyber Budget $70+ million. North Koreas military budget is estimated to be the 25th largest in the world.

Goal: To increase their military standing by advancing their asymmetric and cyber warfare.

Ambition: To dominate their enemys information infrastructure, create social unrest and inflict monetary damage.

Strategy: Integrate their cyber forces into an overall battle strategy as part of a combined arms campaign. Additionally they wish to use cyber weapons as a limited non-war time method to project their power and influence.

Experience: Hacked into the South Korea and caused substantial damage; hacked into the U.S. Defense Department Systems.

Threat Rating: North Korea is ranked 8th on the Spy-Ops cyber capabilities threat matrix developed in August of 2007.

Capabilities

Cyber Intelligence/Espionage: Basic to moderately advanced
weapons with significant ongoing development into cyber intelligence.

Offensive Cyber Weapons: Moderately advanced distributed
denial of service (DDoS) capabilities with moderate virus and malicious code capabilities.

North Korea now has the technical capability to construct and deploy an array of cyber weapons as well as battery-driven EMP (electro magnetic pulse) devices that could disrupt electronics and computers at a limited range.

In the late spring of 2007, North Korea conducted another test of one of the cyber weapons in their current arsenal. In October, the North Koreans tested its first logic bomb. A logic bomb is a computer program that contains a piece of malicious code that is designed to execute or be triggered should certain events occur or at a predetermined point of time. Once triggered, the logic bomb can take the computer down, delete data of trigger a denial of service attack by generating bogus transactions.

For example, a programmer might write some software for his employer that includes a logic bomb to disable the software if his contract is terminated.

The N Korean test led to a UN Security Council resolution banning sales of mainframe computers and laptop PCs to the East Asian nation. The action of the United Nations has had little impact and has not deterred the North Korean military for continuing their cyber weapons development program.

Keeping dangerous cyber weapons out of the hands of terrorists or outlaw regimes is next to impossible. As far back as 2002, White House technology adviser Richard Clarke told a congressional panel that North Korea, Iraq and Iran were training people for internet warfare. Most information security experts believe that it is just a matter of time before the world sees a significant cyber attack targeted at one specific country. Many suggest the danger posed by cyber weapons rank along side of nuclear weapons, but without the physical damage. The signs are there. We need to take action and prepare for the impact of a cyber war.

Kevin Coleman

Share |

{ 21 comments… read them below or add one }

Leave a Comment

Previous post:

Next post: