Tuesday, December 25, 2007

Inside DPRK's Unit 121

Kevin Coleman
December 24, 2007 08:41 AM
DefenseTech

Military planners and security experts have intensified their shouts of concern about the development of cyber weapons and the distinct possibility of a cyber war. Cyber warfare is not new. It has been in modern military doctrine for the past decade not to mention the number of terrorist groups who have threatened the use of cyber weapons against the west. However, what has changed is the number of countries that posess these capabilities today.

The North Korean military created a new unit that focuses solely on cyber warfare. The unit, dubbed Unit 121, was first created in 1998 and has steadily grown in size and capability since then. Interest in establishing cyber war forces shouldn't come as a surprise to anyone, but North Korea’s intense effort stands out among the top ten nations developing cyber weapons.

Unit 121 Capabilities Assessment:

Force Size: Originally 1,000 - Current Estimate:17,000

Budget: Total military budget $6 billion USD. Cyber Budget $70+ million. North Korea’s military budget is estimated to be the 25th largest in the world.

Goal: To increase their military standing by advancing their asymmetric and cyber warfare.

Ambition: To dominate their enemy’s information infrastructure, create social unrest and inflict monetary damage.

Strategy: Integrate their cyber forces into an overall battle strategy as part of a combined arms campaign. Additionally they wish to use cyber weapons as a limited non-war time method to project their power and influence.

Experience: Hacked into the South Korea and caused substantial damage; hacked into the U.S. Defense Department Systems.

Threat Rating: North Korea is ranked 8th on the Spy-Ops cyber capabilities threat matrix developed in August of 2007.

Capabilities:

Cyber Intelligence/Espionage: Basic to moderately advancedweapons with significant ongoing development into cyber intelligence.

Offensive Cyber Weapons: Moderately advanced distributeddenial of service (DDoS) capabilities with moderate virus and malicious code capabilities.
North Korea now has the technical capability to construct and deploy an array of cyber weapons as well as battery-driven EMP (electro magnetic pulse) devices that could disrupt electronics and computers at a limited range.

In the late spring of 2007, North Korea conducted another test of one of the cyber weapons in their current arsenal. In October, the North Koreans tested its first logic bomb. A logic bomb is a computer program that contains a piece of malicious code that is designed to execute or be triggered should certain events occur or at a predetermined point of time. Once triggered, the logic bomb can take the computer down, delete data of trigger a denial of service attack by generating bogus transactions.

For example, a programmer might write some software for his employer that includes a logic bomb to disable the software if his contract is terminated.

The N Korean test led to a UN Security Council resolution banning sales of mainframe computers and laptop PCs to the East Asian nation. The action of the United Nations has had little impact and has not deterred the North Korean military for continuing their cyber weapons development program.

Keeping dangerous cyber weapons out of the hands of terrorists or outlaw regimes is next to impossible. As far back as 2002, White House technology adviser Richard Clarke told a congressional panel that North Korea, Iraq and Iran were training people for internet warfare. Most information security experts believe that it is just a matter of time before the world sees a significant cyber attack targeted at one specific country. Many suggest the danger posed by cyber weapons rank along side of nuclear weapons, but without the physical damage. The signs are there. We need to take action and prepare for the impact of a cyber war.

3 comments:

  1. Great article! I am hoping our intelligence community has the same intel on all the countries creating cyber weapons capabilities.

    ReplyDelete
  2. GREAT Article! I am hoping our intelligence community has this information on all the other countries that are creating cyber warfare capabilities.

    ReplyDelete
  3. Thank you so much SG.

    I also hope that our intel community is preparing/conducting offensive cyber-strikes and defensive counter-measures, just as our adversaries are preparing and actually conducting offensive cyber-strikes against us.

    ReplyDelete