North Korea denounces US-led cyberwar exercise

By Dain Oh, The Readable
Nov. 10, 2022 10:04PM KST

Shortly after the United States wrapped up an annual cyber exercise, called “Cyber Flag 23-1,” North Korea published a statement denouncing the U.S. defense efforts in cyberspace.

In a post, which was uploaded on a website by the Ministry of Foreign Affairs in North Korea on Wednesday, Kim Kuk-myong, a member of Association for Countermeasures against International Cybercrimes, criticized the U.S. predominance in cyberspace, arguing that the U.S. has expanded cyber capacity in order to spy on its “potential enemies and anti-U.S. independent countries.”

Source: The Ministry of Foreign Affairs in North Korea

Written under the title “War Exercise for Predominance in Cyberspace,” Kim wrote that the “exercise has earned criticism from the international community as it involved the participation of the puppet group of South Korea for the first time.” For Cyber Flag 23-1, which took place from October 17 to 28, more than 20 countries, including Australia, France, Japan, New Zealand, South Korea, Singapore, and the United Kingdom, participated in the training.

Furthermore, Kim went on to insist that “the U.S., which once advocated ‘defense’ and ‘deterrence’ in cyberspace, has switched to another strategy, the core of which is preemptive strike,” referring to the U.S. National Strategy to Secure Cyberspace in 2015, which gave the U.S. President the right to carry out cyber operations to destroy the functions of an enemy’s communication and infrastructure.

Kim argued that the U.S. is abusing the term “cybersecurity” to obtain world hegemony while describing North Korea, China, and Russia as malicious actors. “Each and every country should adamantly oppose and reject war exercise of the U.S. which invites confrontation and conflict in cyberspace,” concluded Kim.

Cyber Flag is a multinational tactical exercise which is hosted by the U.S. Cyber Command every year. Participants practice how to jointly defend cyberspace against the activities of threat actors in a virtual training environment with the aim of enhancing readiness and interoperability. According to the U.S. Cyber Command, this year’s exercise occurred two times: Cyber Flag 22 in July and Cyber Flag 23-1 in October.

In the meantime, the U.S. Department of the Treasury reissued sanctions on Tornado Cash, a virtual currency mixer which is allegedly used as a money laundering machine for cybercriminals, such as a North Korean state-sponsored hacking group Lazarus.

“Today’s sanctions action targets two key nodes of the DPRK’s weapons programs,” Brian E. Nelson, Under Secretary of the Treasury for Terrorism and Financial Intelligence, said in a press release on Tuesday. “[The two key nodes are] its increasing reliance on illicit activities, including cybercrime, to generate revenue, and its ability to procure and transport goods in support of weapons of mass destruction and ballistic missile programs.”

In the initial sanctions, which were announced last August, the U.S. Department of the Treasury’s Office of Foreign Assets Control disclosed that more than $7 billion worth of virtual currency was laundered through Tornado Cash, which included over $455 million stolen by the Lazarus Group.

The cover image of this article was designed by Sangseon Kim.

Dain Oh is an award-winning cybersecurity journalist based in South Korea and the founding editor-in-chief of The Readable by S2W. Before joining S2W, she worked as a reporter for The Electronic Times, the top IT newspaper in Korea, covering the cybersecurity industry on an in-depth level. She reported numerous exclusive stories, and her work related to the National Intelligence Service led to her being honored with the Journalist of the Year Award in 2021 by the Korea Institute of Information Security and Cryptology in a unanimous decision. She was also the first journalist to report on the hacking of vulnerable wallpads in South Korean apartments, which later became a nation-wide issue.