July 18, 2022

Mapping Major Milestones in the Evolution of North Korea’s Cyber Program

By: Jason Bartlett

Pyongyang has been developing an offensive cyber program for over 35 years through domestic innovation and foreign assistance. During that time, North Korea has undergone major transformations in its cybercrime modus operandi, shifting from disruptive cyberattacks and cyber intrusions primarily targeting South Korean government agencies to hacking banks and cryptocurrency exchanges located both on and off the Korean Peninsula.

While there is a growing amount of research identifying past, present, and potentially future North Korean cyberattacks, there is relatively little investigation into the potential origins of the country’s cyber program. Understanding the evolution of North Korea’s offensive cyber program can provide countries like South Korea and the United States with valuable information that can help improve bilateral cybersecurity strategy, including the joint cyber-working group discussed in the May 2022 U.S.-ROK Summit with Presidents Joe Biden and Yoon Suk Yeol.

While there is a growing amount of research identifying past, present, and potentially future North Korean cyberattacks, there is relatively little investigation into the potential origins of the country’s cyber program.

Early Domestic Innovation and Foreign Assistance

North Korean society has been inherently linked to the military since the founding of the country in 1945. Beyond its status as an authoritarian state, all North Korean men are required to serve in the military for 10 years. As such, Pyongyang has recruited high-scoring graduates from top technology and computer science universities into the country’s military and intelligence agencies to expand its cyber capabilities and readiness. Two leading computer science universities in North Korea, Kim Il Sung University and Kim Chaek University of Technology, share historic ties with the North Korean military and IT sector, as well as foreign exchange programs with foreign universities that have potentially contributed to the expansion of the country’s cyber program. Starting in the mid-1980s, Pyongyang established three institutions that significantly contributed to advancing the country’s offensive cyber program: Mirim College, the Pyongyang Informatics/Information Center, and the Korea Computer Center.

Read the full article from The Diplomat.

More from CNAS

  • Podcast
    • May 8, 2025
    How Do You Tariff a Movie and Liza Tobin on the Trade War with China

    China expert Liza Tobin, managing director at Garnaut Global and new CNAS adjunct senior fellow, joins Emily Kilcrease and Geoffrey Gertz to discuss the ins and outs of the US...

    By Emily Kilcrease, Geoffrey Gertz & Liza Tobin

  • Podcast
    • May 3, 2025
    Friendshore First, Trade War Second

    Edward Fishman is the author of Chokepoints: American Power in the Age of Economic Warfare. Fishman is an adjunct senior fellow at the Center for a New American Security (CNAS...

    By Edward Fishman

  • Podcast
    • May 1, 2025
    Trump's First 100 Days in Trade Policy

    Emily and Geoff look back on the first 100 days of Trump’s trade policy, with a focus on how different parts of the U.S. political and economic system are reacting. They get i...

    By Emily Kilcrease & Geoffrey Gertz

  • Podcast
    • April 24, 2025
    What Is President Trump’s Economic Plan?

    A to-and-fro between Washington and Beijing has left many world leaders confused who to side with, as many look towards the White House wondering if there is a detailed plan a...

    By Emily Kilcrease

View All Reports View All Articles & Multimedia