Cyber-Reports-2018-03.pdf (1 MB)

ETH Zurich's 2018 Hotspot Analysis reviews DPRK-linked cyber disruption and cybercrime from 2009 onward. It describes targets that include South Korean institutions and media, US military and government entities, businesses, financial institutions, cryptocurrency exchanges, and domestic DPRK systems. The report highlights spear phishing, DDoS, and malware families such as Destover, Jokra, DOGCALL, WannaCry, and Android malware, and connects DPRK cyber activity to financial theft, espionage, disruption, and the country's asymmetric strategy.