Home » Cyber » Cyber Security Center » Inside DPRK’s Unit 121

Inside DPRK’s Unit 121

by Ward Carroll on December 24, 2007

DPRK.jpg

Military planners and security experts have intensified their shouts of concern about the development of cyber weapons and the distinct possibility of a cyber war. Cyber warfare is not new. It has been in modern military doctrine for the past decade not to mention the number of terrorist groups who have threatened the use of cyber weapons against the west. However, what has changed is the number of countries that posess these capabilities today.

The North Korean military created a new unit that focuses solely on cyber warfare. The unit, dubbed Unit 121, was first created in 1998 and has steadily grown in size and capability since then. Interest in establishing cyber war forces shouldn’t come as a surprise to anyone, but North Koreas intense effort stands out among the top ten nations developing cyber weapons.

Unit 121 Capabilities Assessment:

Force Size: Originally 1,000 — Current Estimate:17,000

Budget: Total military budget $6 billion USD. Cyber Budget $70+ million. North Koreas military budget is estimated to be the 25th largest in the world.

Goal: To increase their military standing by advancing their asymmetric and cyber warfare.

Ambition: To dominate their enemys information infrastructure, create social unrest and inflict monetary damage.

Strategy: Integrate their cyber forces into an overall battle strategy as part of a combined arms campaign. Additionally they wish to use cyber weapons as a limited non-war time method to project their power and influence.

Experience: Hacked into the South Korea and caused substantial damage; hacked into the U.S. Defense Department Systems.

Threat Rating: North Korea is ranked 8th on the Spy-Ops cyber capabilities threat matrix developed in August of 2007.

Capabilities

Cyber Intelligence/Espionage: Basic to moderately advanced
weapons with significant ongoing development into cyber intelligence.

Offensive Cyber Weapons: Moderately advanced distributed
denial of service (DDoS) capabilities with moderate virus and malicious code capabilities.

North Korea now has the technical capability to construct and deploy an array of cyber weapons as well as battery-driven EMP (electro magnetic pulse) devices that could disrupt electronics and computers at a limited range.

In the late spring of 2007, North Korea conducted another test of one of the cyber weapons in their current arsenal. In October, the North Koreans tested its first logic bomb. A logic bomb is a computer program that contains a piece of malicious code that is designed to execute or be triggered should certain events occur or at a predetermined point of time. Once triggered, the logic bomb can take the computer down, delete data of trigger a denial of service attack by generating bogus transactions.

For example, a programmer might write some software for his employer that includes a logic bomb to disable the software if his contract is terminated.

The N Korean test led to a UN Security Council resolution banning sales of mainframe computers and laptop PCs to the East Asian nation. The action of the United Nations has had little impact and has not deterred the North Korean military for continuing their cyber weapons development program.

Keeping dangerous cyber weapons out of the hands of terrorists or outlaw regimes is next to impossible. As far back as 2002, White House technology adviser Richard Clarke told a congressional panel that North Korea, Iraq and Iran were training people for internet warfare. Most information security experts believe that it is just a matter of time before the world sees a significant cyber attack targeted at one specific country. Many suggest the danger posed by cyber weapons rank along side of nuclear weapons, but without the physical damage. The signs are there. We need to take action and prepare for the impact of a cyber war.

Kevin Coleman

Share |

{ 21 comments… read them below or add one }

Roy Smith December 24, 2007 at 10:46 am

You know though,I would like to ask North Korea these questions,”How many days did it take for Kim Il Sung & Kim Chong Il to create the heavens & the earth(because they are worshipped as gods in North Korea)”,”Why did Kim Il Sung & Kim Chong Il name a dog a dog,a cow a cow,& a cat a cat,”& then finally,”If I was trapped on a desert island & prayed to Kim Il Sung & Kim Chong Il,would they hear my prayers?” Of course,I know its rude & disrespectful to mock another person’s “religion.”

Reply

Charles December 24, 2007 at 11:06 am

An EMP should do the trick (no nukes of course)

Reply

Jeff December 24, 2007 at 1:07 pm

No nukes???!!!
How about the ol’ Neutron Bomb. Failing that, I am all for the traditional type. (I love tradition, the 1911 .45ACP, the K-bar, the M-14, etc.)
A detonation at an altitude low enough to keep the effects within N.K. should due the trick, and provide a warning for others.
Merry Christian Christmas Kim Il Sung

Reply

Matt Jacobs December 24, 2007 at 3:45 pm

North Korea will most likely not go to war with the US. The DPRKs leader Kim Jong Il has only one goal: stay in power (keep his playboy lifestyle) and a war will bring a sure end to that. However if war did come. expect a lot of dead US servicemen. The NKPA (North Korean People's Army) is 1 million men strong and could mount a nasty war. Their equipment is bad (hell they use biplanes for recon aircraft) those soldiers they have are tough.

Reply

Manuel Matos December 24, 2007 at 4:54 pm

Well, Kim II Sung is worshipped as a god. Lets give this God A Neutron Diety to Pray to as well. Pray that it doesn’t go off over his head.

Reply

Roy Smith December 24, 2007 at 10:35 pm

Yes,but what if some hacker was able to take down the entire net system,shut down the internet itself?North Korea would try to take down South Korea’s infrastructure through cyber warfare & a massive ballistic missile barrage before it would launch its “malnourished million man army & rickety tanks & aircraft into South Korea.The big question about North Korea’s missiles are their maximum range,can they reach Guam or Alaska? Will we have up an adequate missile defense to stop them,would our missile defense be affected by a massive internet shutdown?

Reply

Kaltes December 24, 2007 at 11:40 pm

Matt Jacobs,
North Korea could kill a lot of US servicemen? With all due respect, that is about as stupid as likening internet hacking with nuclear holocaust.
I don’t know why you think North Korea’s troops are ‘tough’. They are physically weaker and smaller than South Koreans by a wide margin. Our troops are sitting behind the most fortified border in the world, and the North Koreans lack the tools required to breach that border in strength.
Even if the North Koreans COULD attack other than shooting artillery at civilians, their military is considerably weaker than the Iraqi forces the US faced in the Gulf War, and if you remember, we rolled over them.
Wars aren’t won by “tough fighters” any more. They are won by well trained, well equipped, well led fighters. Even if Nork troops could best our forces were they to compete on the “Survivor” reality show, that means nothing when it comes to actual warfare.

Reply

Kaltes December 24, 2007 at 11:52 pm

#1. Nork missiles are not much of a threat right now because they are unreliable and non-nuclear. Conventional ballistic missiles are not militarily effective because their payload and accuracy are inadequate to do more than kill some civilians if fired at a city.
#2. You can’t shut down the whole internet, that is the whole point of why DARPA originally developed the internet: survivability. The best anyone could do is take out domain name servers for limited periods of time, which would interfere with civilian use, but would not affect the military. Militaries have their own communication networks anyway.
#3. The US military does not rely on the internet. Even if you shut the whole internet down, this would only be a mild annoyance at most for the US military, if it affected them at all. Poorer countries, like China, North Korea, etc. are much more likely to try to use the internet for military communications because they cant afford a seperate, better communications network.

Reply

Kevin Coleman December 25, 2007 at 7:03 pm

A few points
Your Point #2 If you think taking out a domain server is the best someone can do you should consider looking at what happened to Estonia earlier this year. Russian attackers disrupted credit and debit card transactions for nearly three weeks.
A general point – the internet has been used to covertly acquire several pieces of classified technology plans due to security breaches. Just recently Oak Ridge National Labs (DOE) has it’s visitors (classified/cleared and general) breached and the name, ssn, DOB and clearance data exposed. At the same time an attack on Clearancejobs.com breached and got the names and email addresses exposed. The attacks using the internet are more frequent and more significant than mot people realize.
Your Point #3 In 2007 the DoD experienced over 80,000 network attacks because their systems do use the internet.

Reply

shane egbert December 25, 2007 at 8:53 pm

it is ironic that we americans (with all do respect) lack the intelligence that the rock army as it is called N. korean troops will create problems for our troops. my grandfather is one of the true combat soldiers that fought in the forgotten war and let me be the first to say N. korea will #### up america! and we should nuke the enemy N. korea and then some.

Reply

wpnexp December 26, 2007 at 11:26 am

OK, let’s drag this out. The guy says N. Korea has increased its cyber unit to 17,000 personnel. With a $70 million dollar budget, that is $4,117 per person. Now, these aren’t just average Joe’s, they would demand better pay, and there training would have to be expensive also. Finally, none of this even includes the cost of equipment, most of which would have to be imported. I would think the unit is no more than 1,000 personnel, probably with average equipment and training. Of course, there is always a chance they have a true genius working for them, oh wait, this is North Korea, if he was a true genius, he would defect.

Reply

Keith December 26, 2007 at 1:34 pm

This is one of the silliest things I have read here in a long time. Yes, if you wanted to you could clog up some networks in the US (individual sites only) but with many years of having to deal with malware payloads all critical networks in the US have multiple redundancies, and military traffic goes over it’s own fiber. You can hack for intelligence, but unless you have a fine grained view of your opponents networks and that opponent has single points of failure for you to compromise, you won’t do anything. Keeping in mind that NK only has a single point that it’s internal networks meet the internet, identifying an attack originating from there and shutting it down are trivial.
And battery powered EMP devices? What, are you kidding me? What are they going to do with that? Sneak in teams of agents to shut down a couple of ATM machines? That’s as much power as they’ll have.

Reply

Keith December 26, 2007 at 1:37 pm

Also, wtf is the sourcing on this piece? This sure sounds like a lot of garbage to me.

Reply

Chris December 26, 2007 at 3:06 pm

Lets look at this objectively. I served in Korea, and while they have a million man army, they are starved and poorly equipped. We would lose a lot of the troops we have in country currently, but we would win the war in the long run. The issue I saw while in country, is that there are a LOT of young South Koreans who want a unified Korea and are willing and able to fight AGAINST the US and ROK units if it came down to a war. I was flat out told by a KATUSA (Korean Augmentee to the United States Army) that he would shoot me and join the North if war started. Needless to say he was reported and I never saw him again anywhere near my unit. I believe they posted him on the border so he would not get the chance, however the sentiment is there. The older generations want us there, the younger ones do not.

Reply

EDD BIRTCIL December 26, 2007 at 7:21 pm

I was in an intelligence unit for 6yrs. and I think alot of uninformed people talk about various combinations ie;China&North Korea or what allies would join with them, that is a very small country and big land forces are not going to be a challenge once they have to be put on ships and moved to Japan or Indonesia.We have a SOUSS(hope That is correct)system in place that will isolate their armies and sink them wherever they want to move. Are they gooing to march south?No-march North?why.We should be keeping very close and inplace agents in the countries of the middle-east!And even for the countries there we have a great understanding of their thought processes and can controll their communications at any time we wish.Remember we broke both Germany and Japan’s code before or short after the start of hostilities.As mid-eastern kings may be setting up mass systems of interupting our communication systems we are already in place!There is so much going on behind the scenes and press releases that the American people will never know about we do have a whole NEW line of defense and that line is not privy to but to a few and that does not include the CIA.EMR’s are only a piece of our offense.So again I plead don’t despair.The Def.Dept.and “others”have some incredible advances that are in place.Over-Under-&-Around!Peace be with you all.Donot despair!! EDD

Reply

Jeff Shaw December 26, 2007 at 9:55 pm

I’ve heard that the No Korean Army has only one weapon for every four soldiers.
So how about this new Cyber Warfare unit? Are all 17,000 of those “hacker soldiers” going to queue up to use the five PC’s ??
LOL.

Reply

Kevin Coleman December 27, 2007 at 11:30 am

You faile dto mention the 5 PCs the North Korea has are the old 8088 IBM PC XTs form the early 1980s-so that means they do not suffer form all the security problems ov XP and Vista.
LOL

Reply

Frank December 29, 2007 at 8:25 pm

I can hide and shoot long distances, my children can hide and shoot long distances. I doub’t any invading army will make it very far into the USA. HA HA, wack the bad guys.

Reply

Frank December 29, 2007 at 8:26 pm

I can hide and shoot long distances, my children can hide and shoot long distances. I doub’t any invading army will make it very far into the USA. HA HA, wack the bad guys.

Reply

fawemjjr January 17, 2012 at 2:22 pm

rrW0nY ofuhlzxrcyrg, [url=http://vmyqepntvmgf.com/]vmyqepntvmgf[/url], [link=http://xbpjwntextuu.com/]xbpjwntextuu[/link], http://lirjqaswddye.com/

Reply

tiffany online May 19, 2013 at 10:43 am

Leave a Comment

Previous post:

Next post: