REPORT_NorthKorea_CEEW_SmF5IFa.pdf (1 MB)

FDD frames North Korean cyber operations as a tool for economic warfare, espionage, coercion, and revenue generation under sanctions. The excerpt cites DOJ allegations against Park Jin Hyok linking North Korean government-backed activity to the Sony Pictures hack, Bangladesh Bank SWIFT theft, and WannaCry. Its case studies trace an evolution from DDoS activity such as Ten Days of Rain to destructive and financially motivated operations including DarkSeoul, Korea Hydro and Nuclear Power, SWIFT-related bank theft, cryptocurrency exchange hacks, and Operation GhostSecret. The report emphasizes that North Korea’s capabilities had improved enough by 2018 to threaten South Korean, U.S., and allied financial, corporate, energy, and national security targets.