Category North Korea

When will North Korea collapse?

Will North Korea collapse? When will it collapse? Questions North Korea researchers hear all the time, and given a recent boost after comments from President Obama mentioned Pyongyang’s collapse, followed quickly by an article and mea culpa from well-known, long-time Korea specialist Aidan Foster-Carter. Foster-Carter’s article lays out the general lines of the debate, ‘collapsism’, and 20+ years of poor policy choices by the U.S. and other governments based on the idea that “the North is going to collapse … any day now … Any. Day. Now.”

Plenty of Korea specialists have taken a stab at this parlor game of predicting Pyongyang’s fall: Foster-Carter, per above; Victor Cha, current Georgetown professor and former Director for Asian Affairs at the NSC in his 2012 book; economic specialists (e.g. Haggard and Noland). Intelligence analysts and foreign policy specialists have filled entire servers (and before that, file cabinets) with studies on when the North will collapse. Here’s one from the CIA circa 1997/98 (also here) that featured a majority of Korea specialists convened by Langley doubting the regime could last another five years (we’re coming up on 20).

Not to begrudge anyone their game, but what’s the point?


Book Review of ‘The Real North Korea: Life and Politics in the Failed Stalinist Utopia’ by Andrei Lankov

[Book Review] Lankov is one of the world’s top North Korea specialists, publishing in English or Korean, and has the rare benefit of speaking the language and having spent time studying in the North. While getting time on the ground in North Korea can be difficult, too few ‘experts’ have spent much time in either of the Koreas, or even bothered to learn the language – problems readily apparent when talking to many U.S. military, intel agency, or other denizens of government assigned to Korea issues. Given 60+ years of failure to achieve U.S. goals when it comes to the North, maybe it’s time to try learning from folks like Lankov.

The book opens with a history of the North and the ruling Kim family that builds the framework for later chapters explaining why Pyongyang makes the decisions it does (hint: it’s not cause they’re crazy). A couple of quotes that relate to the point:

“The North Korean leaders do not want reforms [AKA more trade/interaction with the outside world, as the U.S. State Dept. is forever trying to foster] because they realize that in the specific conditions produced by the division of their country, such reforms are potentially destabilizing and, if judged from the ruling elite’s point of view, constitute the surest way of political (and, perhaps, physical) suicide.” [Hardcover edition, pg. 112]. The North Korean elite “would be happy to see a North Korean economic boom – as long as they are not going to enjoy this wonderful picture through the window gate of their cell.” [Pg. 118].

The last third of the book focuses on the future and what outsiders could do to foster change inside the North, or at least reduce tensions and enhance regional stability in NE Asia. Here, like other North Korea specialists (many outside of government), Lankov outlines the important role information can play in pressuring the North Korean regime. Ironically, this overlaps with the semi-idiotic movie ‘The Interview’ and the fear and anger it engendered in the North – military and physical threats are not the key, discrediting the leadership in the eyes of the North Korean populace is the key. In Lankov’s words:


Brief History of North Korean Cyber Attacks

Is North Korea, widely viewed in the outside world as equal parts backward and crazy, even capable of conducting a cyber attack?


Prior to the cyber attack on Sony, widely though not entirely thought to be the work of North Korea, the North has been blamed for successful cyber attacks on South Korean media companies, military and government networks, banks, and universities. Some of the first attacks blamed on the North occurred in 2009 and the South has regularly blamed the North for cyber attacks since, with Korean and international analysts noting both similar tactics and the attacks’ growing technical sophistication.

While North Korean decision-making may appear opaque and often outlandish to outside observers, this does not mean the country lacks technical skill, as evidenced by its successful nuclear and ballistic missile programs. The North’s technology has even attracted an international following, most notably from Iran.

In 2012, Iran and North Korea signed a framework agreement on technology sharing that formalized ongoing IT, nuclear, and other tech-related cooperative development efforts. This cooperation has increased Iran’s cyber capabilities, exhibited most clearly by an October 2012 cyber attack on Saudi Arabia’s Aramco Oil. By 2013, experts had begun to note technical and tactical similarities in attacks separately attributed to Iran and North Korea, including a series of disruptive attacks that led major U.S. banks to request help from the NSA. Related writings on Iranian attacks can be found here.


North Korea’s Sony Cyber Attack: North Korea 1 … Sony 0 … Free Speech 0 … U.S. 0

With the dual announcements that Sony is canceling ‘The Interview’ and the U.S. believes North Korea is behind the cyber attack on Sony that led to the movie’s cancellation, we all just got to witness a textbook case of successful cyber and psychological operations. Ironically, the success came from a country commonly viewed as a technology backwater – North Korea.

Since information on the movie first started to appear, the North has made it very clear that it objected to the movie, especially the purported assassination of its leader. As production finished and the release date neared, with no sign of the movie being cancelled, the North apparently decided to try options aside from public objections.

Military, diplomatic, and economic options likely offered limited ability to get the movie canceled, especially when compared to cyber options – a skillset the North has been honing for years. Step one would be to get inside Sony’s systems, step two would be to steal or destroy the movie. Failing that, psychological operations (what the U.S. military calls ‘information operations’) came into play. By releasing the most salacious information gained during the attack, the hackers were able to gain massive amounts of media coverage.


North Korea and Iran – cyber power BFFs?

UPDATE (22 FEB 2015): New story from longtime Korea-watcher Donald Kirk on how Iran’s ties to North Korea may hamper any DC-Tehran nuclear deal.


UPDATE (18 DEC): The U.S. has reportedly concluded that North Korea was responsible for the cyber attack on Sony. The report goes on to mention an Iranian – North Korean connection, based on similar techniques used in the Sony attack and previous attacks in South Korea and Saudi Arabia. No word yet on a decision regarding response measures, if any.

Since the signing of a 2012 pact on IT research cooperation between Iran and North Korea, there have been a series of reports on cyber activities and attacks conducted by the two nations. This year alone we have a cyber attack on the Sands Casino in Las Vegas (widely attributed to Iran), an attack on Sony that’s still making headlines (widely attributed to North Korea), and a report last week from a leading cyber security firm highlighting Iranian advances in cyber capabilities likely developed in conjunction with North Korea.

Prior to Sony (if indeed that attack was carried out by the North), Pyongyang had been blamed for a series of attacks on South Korean banking, media, and other websites. In one attack, targeting Nonghyup, the agricultural bank, 30 million customers spent days locked out of their accounts.

In 2012, Iran was blamed for a series of attacks targeting U.S. banks and financial institutions. While damage was limited, the banks involved did eventually turn to the NSA for help. Much of the reporting on Iran has highlighted Iranian attention to the cyber domain in the wake of the successful/disastrous (depending on your point of view) Stuxnet attack on Iran’s nuclear program. This attack awakened the regime to both the dangers and opportunities of the cyber domain, and Iran has been rapidly working to expand its capabilities ever since – including the 2012 agreement with North Korea mentioned above.


WORK HARD FOR THE KIMS! An Introduction to North Korea

UPDATE (19 FEB): The book is now (finally!) available on Kobo.

The “KIMS” in the title represent North Korea’s ruling family, in power in Pyongyang since the 40s and anxious to stay there. The images in the book introduce North Korean history, culture, and ideology by translating the country’s unique propaganda posters into English, then exploring their themes and messages.

Most of the posters used in the brief book are already here on the website, or available on the Facebook page, but the book includes additional details and explanations.

The book is currently available for download from Amazon for Kindle, Barnes and Noble for Nook, and Apple’s iBooks store. A Kobo version will be available soon. Please let me know if you’d like to see the book available in additional formats. There are no plans to publish a paperback or hardcover version at this time.


New North Korean Propaganda Posters Added

New images, with translations and explanations, added to the North Korean Propaganda Posters page both here on the site, and in the much larger Facebook album.

Death of Kim Il-sung in 1994

The unlikeliest of images – a tall Kim Jong-il has rushed to the main public square overlooking Pyongyang to comfort the masses, distraught at the death of Kim Il-sung (in 1994). The younger Kim was, by nearly all accounts, quite reclusive, disliking the limelight and public appearances – making this one of the oddest, most unbelievable of NK propaganda posters.


2009-2013 Internet attacks on South Korea part of ongoing cyber espionage campaign – McAfee Labs

McAfee, the Internet security company owned by Intel, has a research lab that just put out a report covering four years of hacking attacks aimed at South Korea. What previously appeared to be isolated attacks on media, banks, and government websites, many of them detailed here and in the report, are instead part of an ongoing 2009-2013 espionage campaign targeting military forces in South Korea in order to extract classified information. Targets included information on U.S. military forces and their operations in the South.

McAfee Labs

McAfee Labs

Through examining the evolving code used in the attacks, McAfee Labs found the attacks on South Korean banks, media, universities, elections, government, and other websites shared common source code, one encryption password, similar use of IRC botnets, consistent terminology, and a target set of military keywords. The report, on page 22, even lists the (somewhat poorly translated) Korean keywords used to target military operations in South Korea, including by U.S. forces.

Rather than a separate group of incidents targeting South Korea, which the South’s government, after conducting investigations, has attributed to the North, McAfee Labs is arguing that the incidents are all part of one, “secret, long-term campaign.” A campaign that reveals an adversary, “attempting to spy on and disrupt South Korea’s military and government activities.”

The McAfee report does not explicitly blame any particular country for the attacks, but makes the case that the attacks have been conducted by the same organization, taking the same measures against the same sites in an ongoing, state-level espionage operation. Investigating the same incidents separately, the South has laid official blame for the attacks on the North. If the South’s researchers haven’t already figured out what’s in the McAfee report, its findings will likely play a role in relations between the two Koreas very shortly.


Confront and Conceal: Obama’s Secret Wars and Surprising Use of American Power

[Book Review] The author, David Sanger, appears to have better access to classified information than most gov’t intel analysts; he certainly has better access to policy makers and strategists. The coverage of cyber operations, especially Stuxnet and Olympic Games, is the most powerful and revealing section of the book – given that Sanger was at the forefront of breaking these stories in the media, hardly a surprise.

The book, with its insider, high-level accounts of foreign policy strategy and operations covering much of Obama’s first term, practically puts you in the White House, but, perhaps inadvertently, it also serves as a reminder of the large gap between high level policymakers and low-level analysis/analysts. Specifically, as a former Asia analyst for the Joint Chiefs, it reminded me that academics and the media, even with only limited access to (formerly) classified information, are often better at predicting and spotting new, unexpected trends than those buried deep within government. So much intel analysis focuses on dealing with our software systems, building collections databases, and making link diagrams – all useful at a mechanical, tactical level – that the focus can narrow and turn reactive, missing broader, strategic level developments often apparent to those on the ground overseas … ala some members of the media, academia, and expat business folks.

While not an explicit message of Sanger’s book, which focuses much of its attention on how Obama’s team handled its foreign policy “inheritance” from the Bush era wars, the gap between inside intel and outside reporting becomes an easy takeaway.


UNESCO adds North Korea, Iranian sites to Heritage List

UNESCO added a group of sites in and around Kaesong, North Korea to the World Heritage List yesterday, citing their importance to “the transition from Buddhism to neo-Confucianism in East Asia and to the assimilation of the cultural spiritual and political values of the states that existed prior to Korea’s unification under the Koryo Dynasty.”

I’ve visited the area in and around the sites and will post a few photos below.



The Koryo Museum, located on the grounds of a palace complex just outside Kaesong.