North Korea Cyber Attack Capability
"Cyberwarfare Capabilities. North Korea probably has a military computer network operations (CNO) capability. Implicated in several cyber attacks ranging from computer network exploitation (CNE) to distributed denial of service (DDoS) attacks since 2009, the North Korean regime may view CNO as an appealing platform from which to collect intelligence.
• According to a ROK newspaper, Seoul’s Central Prosecutor’s office attributed to North Korea a CNO activity on the ROK’s National Agricultural Cooperative Federation (Nonghyup Bank) servers in April 2011. Through remote execution, actorsrendered the bank’s online services inaccessible and deleted numerous files concerning customer bank accounts while removing all evidence of CNO activity in the bank’s servers.
• In the years spanning 2009-2011, North Korea was allegedly responsible for conducting a series of distributed denial of service (DDoS) attacks against ROK commercial, government and military websites, rendering them inaccessible.Technical attribution of cyberspace operations remains challenging due to the internet’s decentralized architecture and inherent anonymity. Given North Korea’s bleak economic outlook, CNO may be seen as a cost-effective way to modernize some North Korean military capabilities. As a result of North Korea’s historical isolation from outside communications and influence, it is likely to employ Internet infrastructure from third-party nations." (Military and Security Developments Involving the Democratic People’s Republic of Korea, US Department of Defense, 2012)