A recent study published by the United States Army sheds light on the Korean People’s Army (KPA). The over 300 pages report gives details about North Korea’s military tactics, weapons and arsenal, military troops, command structure, logistics and North Korea’s online warfare capabilities.
According to the report, dubbed North Korean Tactics is a training manual for the United States Army and its leaders and was made available for the first time back in July. Furthermore, the report claims that North Korea currently has over 6,000 hackers based in nations such as Belarus, China, India, Malaysia, Russia etcetera. Moreover, the report indicates that the Asian country has several divisions of hackers who are steadfast on crypto and other related cyber crimes.
North Korea’s Bureau 121
The bulk of the detailed report focuses on classic military strategies and capabilities, but it also elucidates on North Korea’s state-sponsored network of hackers. The United States army claims that Bureau 121 has significantly expanded over the years, as the hermit nation enlarged its online capabilities.
The report notes that Bureau 121 hackers have massively increased, from at least 1,000 professional hackers in 2010, to over 6,000 present. Furthermore, the report sheds light on the number of divisions that make up Bureau 121. As per the army report, the Bureau 121 has four key sub-divisions, with more than half of those units steadfast on cybercrimes, and just one on electronic warfare.
The first unit is referred to by cybersecurity professionals as Andariel Group, an alias used to refer to a government-backed hacking group. According to the report, the group has about 1,600 members who are tasked with collecting information and assessing the victim’s weaknesses.
The second unit is referred to as the Bluenoroff Group. As per the U.S. Army, this group is tasked with launching long-term financial attacks, including crypto-related crimes. The group reportedly has 1,700 members.
Lazarus Group has been accused of several high-profile cyber attacks
The third unit is what cybercrime experts refer to as the Lazarus Group, a code name used to identify North Korean hackers. The report does not mention the exact number of members this unit has, but it is tasked with creating social chaos.
The Lazarus Group is the most popular of Bureau 121, following high profile attacks on crypto exchanges and the creation of the WannaCry malware back in 2017. The group was also behind the popular hack against Sony Pictures.