Quotes of the Day:

“Books are the quietest and most constant of friends; they are the most accessible and wisest of counselors and the most patient teachers.” 

- Charles William Eliot

“The falsification of history has done more to impede human development than any one thing known to mankind.” 

- Jean-Jacques Rousseau

“You may impose silence upon me, but you can not prevent me from thinking.” 

- George Sand

1. Shared Goals, Divergent Paths: US-South Korea-Japan Relations – Analysis

2. U.S. will continue to impose all existing sanctions on N. Korea: state

3. Hacks aimed at financial industry spiking, North Korea most aggressive, cyber firm says

4. CoinsPaid Accuses North Korean Hackers Of Phony Job Interview To Steal $37 Million

5. Lessons of a $37M Attack: How a Ukrainian Payment Processor Was Hacked

6. Op-ed: It’s time to end the Korean War — the longest in US history

7. Seventy Years After Korean War: Glimpse Of Untold Story – OpEd

8. Comrades in Arms? - North Korea Compromises Sanctioned Russian Missile Engineering Company

9. N. Korea vows to launch satellites at any time

10. N. Korea, Russia defend Moscow's war with Ukraine during showing of film over Nazi trials

11. Facing Down an Arsenal: Considering Agile Combat Employment in Korea

12. Ep. 39 Shin-wha Lee: Understanding Seoul's DPRK Policy - Interconnection between Human Rights and Denuclearization

13. UN office faults Korea for inviting Myanmar envoy to arms event

14. Blue House cut Foreign Ministry out of Thaad talks: Diplomatic sources

15. CTBTO chief urges N. Korea to take 'small step' in nuclear test moratorium

16. N. Korea wants Russian technical assistance to further nuclear program

17. Two N. Korean street sellers talk about challenges they face

18. How a secret plot to assassinate North Korea’s leader spiraled out of control

1. Shared Goals, Divergent Paths: US-South Korea-Japan Relations – Analysis

A very useful essay that explores many of the issues (at this "pivotal juncture") but leaves out what I believe is the most important one: Unification. I would like the three leaders to recognize this:

The only way we are going to see an end to the nuclear program and military threats as well as the human rights abuses and crimes against humanity being committed against the Korean people living in the north by the mafia-like crime family cult known as the Kim family regime is through achievement of unification and the establishment of a free and unified Korea that is secure and stable, non-nuclear, economically vibrant, and unified under a liberal constitutional form of government based on individual liberty, rule of law, and human rights as determined by the Korean people. A free and unified Korea or in short, a United Republic of Korea (UROK).

I would like them to align their assumptions about the nature, objectives, and strategy of the Kim Family regime.

I would like them to recognize that we need to adopt a new strategy that is based on a human rights upfront approach, a sophisticated information campaign, and the pursuit of a free and unified Korea.

I would really like them to put forth a "Camp David Consensus" that calls for a free and unified Korea. President Biden's and President Yoon's 26 word statement on unification was overshadowed by the Washington Declaration in April. But this is an opportunity for a tripartite statement in support of Korean unification. And I think it would be a powerful statement to have Japan come out publicly in support of Korean unification. President Yoon has taken great political risk in working hard to significantly improve ROK-Japan relations and a public statement by Prime Minister Kishida would be a nice response and might have a positive influence on the ROK public.

Conclusion:

The upcoming trilateral summit presents a pivotal juncture in this ongoing analysis. It provides a concrete context within which to explore the complexities of these relationships, offering a snapshot of the ways in which these nations navigate their historical tensions, shared interests, and the broader geopolitical landscape. This event promises to illuminate the challenges and opportunities that lie ahead, shedding light on the ways in which these nations are negotiating their trilateral relations amidst the shifting sands of global power dynamics.

The developments arising from this summit will undoubtedly serve as a rich source of insight into the evolving nature of these trilateral relations. Each statement made, decision taken, and policy articulated during this summit can provide valuable data points for our understanding. These insights not only help to enrich our current academic discourse but also set the stage for future research and policy considerations.

Shared Goals, Divergent Paths: US-South Korea-Japan Relations – Analysis

eurasiareview.com · by Geopolitical Monitor · August 8, 2023

By Dr. Hasim Turker

The forthcoming trilateral summit involving the United States, Japan, and South Korea, planned for August 18, 2023, has captured global interest. The gathering offers an invaluable perspective to evaluate the nuances in the interconnections between these three nations. Significantly, this occasion marks the inaugural independent meeting among these countries’ leaders, thereby reflecting the transformation in the geopolitical configuration of the Asia-Pacific region and these nations’ pivotal role therein.

The tripartite interaction between these nations symbolizes the intricacies intrinsic to the sphere of international diplomacy. The connections amongst these countries can be perceived as a complex choreography, skillfully managing a multitude of strategic, economic, and sociopolitical dimensions. This equilibrium is often subject to challenges due to the dichotomy characterizing these tripartite ties — the robust strategic partnerships each country maintains with the United States, juxtaposed with the historical strains that persist between Japan and South Korea.

The United States, Japan, and South Korea are cornerstone components in the geopolitical tapestry of the Asia-Pacific region. Their collective global presence, especially within the framework of their tripartite association, has significant bearings on regional balance, economic progression, and the changing power dynamics in the Asia-Pacific.

These connections are not isolated entities, but rather are closely knit into the wider international fabric. The specter of an ascending China, the consistent menace posed by North Korea, along with the dynamic terrain of global trade and security, introduce additional dimensions to these connections. Consequently, the impending summit does not merely represent a platform for diplomatic dialogue between these nations, but also serves as a vantage point from which we can scrutinize the diverse dynamics embedded in this tripartite association.

Historical Context: Strained ROK-Japan Relations

Peering through the lens of history, the relations between Japan and South Korea are a tapestry interwoven with moments of cooperation shadowed by the dark specter of unresolved issues from the past. The primary source of these tensions lies rooted in the era of Japanese colonial rule over Korea from 1910 to 1945, a period marked by cultural suppression, forced labor, and myriad human rights abuses.

The most poignant among these historical affronts is the charged issue of the ‘comfort women,’ a term alluding to the multitudes of Korean women coerced into sexual servitude by the Imperial Japanese Army during World War II. Despite several attempts at resolution, including the agreement reached in 2015, this issue persists as a diplomatic bone of contention, mirroring the deep-rooted anguish and bitterness yet to be fully assuaged.

Compounding this, territorial claims over the islets referred to as Dokdo in Korea and Takeshima in Japan have periodically ignited, amplifying tensions. The sovereignty over these islets transcends territorial rights, possessing symbolic importance for both countries, being tethered to national honor and historical recollection.

These historical contentions have left indelible imprints on the political, economic, and societal linkages between Japan and South Korea. They have cast enduring shadows over diplomatic rapport, precipitated trade disputes, and molded public sentiment, often impeding the potential for enhanced collaboration between the two nations.

Within this framework of historical disputes, the role of the United States surfaces as a pivotal element. As a mutual ally to both Japan and South Korea, the United States assumes a unique position. It often acts as an intermediary, endeavoring to alleviate the ramifications of these historical strains on its strategic partnerships with both nations. The significance of the US role is underscored by its post-WWII engagements in the region, its military presence, and its sustained dedication to the security and stability of the Asia-Pacific region.

Washington’s Role: Bilateral Balancer

As an established superpower, the United States has continuously upheld strong bilateral relationships with both Japan and South Korea. These relationships, which took form in the wake of World War II and the Korean War, have developed into essential alliances that significantly shape the geopolitical milieu of the Asia-Pacific region.

The alliance between the U.S. and Japan is anchored in a mutual dedication to democratic principles, human rights, and legal governance. This relationship serves as a bedrock of U.S. security objectives in Asia, essential for maintaining regional stability and advancing prosperity. The alliance has evolved beyond military and security spheres to include various mutual interests, encompassing areas like trade, scientific innovation, environmental concerns, and global health.

Likewise, the US-South Korea alliance, encapsulated in the phrase “We Go Together,” has progressed from its military-based inception against the North Korean menace into a comprehensive partnership. It encompasses a broad range of sectors such as nuclear energy cooperation, free trade, and global matters including climate change and cybersecurity.

Nevertheless, the United States often finds itself delicately navigating a diplomatic path that requires careful balancing of its relations with both countries. On one end, it seeks to uphold and strengthen these alliances, as they are integral to its strategic footprint in the Asia-Pacific. On the other, it is faced with the task of dampening the historical frictions between its two allies, which at times can pose challenges to trilateral cooperation.

This responsibility is further convoluted by the domestic political landscapes of each country, leadership transitions, and changing national priorities, all of which can significantly impact the dynamics of these bilateral relationships. The U.S. must steer through these complex waters with a discerning and nuanced approach, fully aware that its actions carry significant implications for regional stability and its strategic goals.

Moreover, the US role extends beyond just being a strategic partner—it also includes the responsibility of past engagements. Its post-WWII governance of Japan, involvement in the Korean War, and its continued military presence in both nations shape the perceptions and expectations of its role in addressing Japan-South Korea relations.

Mutual Security Concerns Loom

The Tripartite Ministerial Consultation held on June 3, 2023, offers a compelling example of the joint strategic interests that connect the United States, Japan, and South Korea. During this meeting, the defense chiefs of these countries undertook a comprehensive examination of pressing security challenges, most significantly the relentless nuclear and missile threats posed by North Korea.

North Korea’s nuclear objectives and missile expansion programs have persistently troubled these nations and the wider international community. These apprehensions have been heightened by North Korea’s recurrent missile experiments and its avowed commitment to augment its nuclear prowess. The perceived danger from North Korea not only destabilizes regional peace but also directly contravenes the national security objectives of the United States, Japan, and South Korea.

To counteract this shared menace, these countries have reaffirmed their dedication to mutual defense and deterrence strategies. Their collective efforts, as showcased during the Tripartite Ministerial Consultation, strive to align their diplomatic and security policies concerning North Korea, with the intention of suppressing its nuclear aspirations and lessening the potential threats.

Beyond the issue of North Korea, these countries are also connected by their mutual pledge to sustain the rules-based international system. They have collaborated on an array of other security matters, including maritime security, counterterrorism, cyber risks, and space security. This cooperation also extends to global peacekeeping initiatives, humanitarian aid, and disaster response operations, which underscore their mutual commitment to global peace and stability.

Additionally, these shared security interests are embedded within a broader strategic framework. As democratic nations in the Asia-Pacific region, they jointly navigate a geopolitical terrain characterized by China’s ascent and shifting power dynamics. These collective challenges further highlight the significance of their tripartite cooperation.

The Implication of China’s Rise: A Joint Hurdle

Undeniably, China’s emergence as a global powerhouse has irreversibly reconfigured the geopolitical scene of the Asia-Pacific region, constituting a collective predicament for the United States, Japan, and South Korea. This ascent, marked by extraordinary economic advancement, speedy military modernization, and an increasingly bold foreign policy, has triggered a substantial shift in the regional equilibrium.

China’s economic strength, underscored by its position as the world’s second-largest economy, holds both opportunities and anxieties for these nations. On one flank, China is an essential trade ally, offering expansive markets for exports and provisioning diverse goods. However, on the flip side, its economic power has been used to wield political pressure, illustrated by its economic backlash in response to geopolitical disagreements.

In addition, China’s wide-ranging military modernization scheme has sounded the alarm. Its escalating naval capacity, progress in missile technology, and ongoing militarization in the South China Sea have ignited unease over its motives and the potential for intimidation or conflict.

China’s bold foreign policy, particularly its territorial claim over Taiwan and its moves in the South and East China Seas, brings direct opposition to the regional norm. Its Belt and Road Initiative, aiming to broaden China’s economic and strategic influence globally, also carries far-reaching implications for the global power balance.

Therefore, the rise of China brings an added layer of intricacy to the trilateral dynamics among the U.S., Japan, and South Korea. It presents a collective problem, pushing these nations to reevaluate their strategies and seek common ground. They are driven to delicately manage their relations with China, harmonizing their economic interests with the imperative to counter coercive tactics and uphold the rules-based order.

The “China factor” also highlights the importance of the trilateral cooperation among the U.S., Japan, and South Korea. As democratic entities in the Asia-Pacific region, they have a common interest in maintaining a power balance and advocating for a free and open Indo-Pacific. Thus, their trilateral collaboration is not merely about resolving historical tensions or managing the North Korean menace; it’s also about collectively reacting to the shared challenges brought about by China’s ascent.

Looking Ahead: The Trilateral Summit and Beyond

The imminent trilateral summit involving the United States, Japan, and South Korea assumes increased importance within the intricate lattice of geopolitical dynamics. This summit, uniting leaders from these three nations, stands as a powerful emblem of the joint challenges and mutual interests that unite them. It showcases the understanding that despite the historical tension currents and varying national interests, the facts of the geopolitical landscape require a certain degree of cooperation.

Nonetheless, the path forward is anything but simple or linear. The mission of steering through shared and conflicting interests remains a daunting challenge. Reconciling historical differences isn’t just about diplomatic negotiation; it also necessitates addressing deep-rooted public sentiments and national identities. Will these nations locate a trajectory that respects the distressing histories while permitting a forward-thinking relationship?

Similarly, harmonizing national interests with the need for trilateral cooperation is a delicate endeavor. Each nation has its strategic priorities, economic interests, and domestic political factors. The difficulty lies in aligning these diverse interests towards mutual objectives, while ensuring no nation feels its interests are threatened.

The emergence of a shared challenge, such as China’s rise, brings an additional facet to this balancing task. The “China factor” requires closer collaboration among these nations, yet simultaneously elevates the stakes. Each nation has intricate relations with China, characterized by entwined economic bonds and strategic rivalries. Navigating these relations while demonstrating a unified front requires nuanced diplomatic maneuvering.

Therefore, the trilateral summit presents a chance to tackle these intricate issues and map a path for the future. It offers a stage for these nations to converse about their mutual concerns, devise cooperative strategies, and potentially alleviate historical tensions. The outcomes of this summit could determine the future course of their trilateral relations, influencing not just their individual relations, but also the broader geopolitical terrain in the Asia-Pacific region.

Conclusion

Finding definitive answers to the complex questions surrounding the trilateral relationship between the United States, Japan, and South Korea is no easy task. The intricacies of these relationships, informed by a tapestry of historical legacies, strategic interests, and evolving geopolitical realities, make for a subject of rich and ongoing debates within the field of Political Science and International Relations.

As scholars, it is our duty to persistently scrutinize these evolving dynamics. This involves casting a critical eye over historical precedents, dissecting current geopolitical trends, and examining the policy orientations of the respective nations. Each of these elements contributes to our understanding of the trilateral relationship, helping us to tease out the threads of continuity and change that shape these interactions.

The upcoming trilateral summit presents a pivotal juncture in this ongoing analysis. It provides a concrete context within which to explore the complexities of these relationships, offering a snapshot of the ways in which these nations navigate their historical tensions, shared interests, and the broader geopolitical landscape. This event promises to illuminate the challenges and opportunities that lie ahead, shedding light on the ways in which these nations are negotiating their trilateral relations amidst the shifting sands of global power dynamics.

The developments arising from this summit will undoubtedly serve as a rich source of insight into the evolving nature of these trilateral relations. Each statement made, decision taken, and policy articulated during this summit can provide valuable data points for our understanding. These insights not only help to enrich our current academic discourse but also set the stage for future research and policy considerations.

The views expressed in this article belong to the authors alone and do not necessarily reflect those of Geopoliticalmonitor.com.

eurasiareview.com · by Geopolitical Monitor · August 8, 2023

2. U.S. will continue to impose all existing sanctions on N. Korea: state

While China and Russia are complicit in sanctions evasion support to north Korea, we cannot lift sanctions because it would cause Kim to assess his political warfare and blackmail diplomacy strategies as successful and then he will double down on them. Sanctions are not a silver bullet but we must continue to enforce them as best as possible. But we must be more than a one trick pony. This is why we really need an aggressive, holistic, and sophisticated information campaign combined with a human rights upfront approach. If we really want to exert pressure on Kim, that is the way to do it.

(LEAD) U.S. will continue to impose all existing sanctions on N. Korea: state dept. | Yonhap News Agency

en.yna.co.kr · by Duk-Kun Byun · August 9, 2023

(ATTN: UPDATES with remarks from a Pentagon spokesperson in last 6 paras)

By Byun Duk-kun

WASHINGTON, Aug. 8 (Yonhap) -- The United States will continue to enforce all existing sanctions on North Korea, a state department spokesperson said Tuesday, amid concerns over growing military cooperation between North Korea and its two closest supporters -- China and Russia.

Matthew Miller, however, declined to comment on any future sanctions.

"First I will say we will fully enforce our existing sanctions," the state department spokesperson said when asked if the U.S. was considering imposing additional sanctions on North Korea.

"But then I will give the answer you have heard me give in the past, which is with respect to any potential future sanctions actions, I would never want to preview them from this podium," he told a daily press briefing.

State Department spokesperson Matthew Miller is seen answering questions during a daily press briefing at the department in Washington on Aug. 8, 2023 in this captured image. (Yonhap)

His remark follows a high-profile visit to Pyongyang by Russian Defense Minister Sergei Shoigu late last month to take part in events marking the 70th anniversary of the Korean War armistice, celebrated in North Korea as Victory Day.

U.S. administration officials have noted the visit may indicate increased military cooperation between the two countries.

"We have made clear our concerns about cooperation between Russia and North Korea," the state department spokesperson warned Monday. "We have made clear our concerns about North Korea seeking to assist Russia in its aggression in Ukraine, and we will continue to make those concerns clear and we will continue to enforce all of our sanctions."

A Pentagon spokesperson stressed that any potential arms deal between North Korea and Russia would violate United Nations Security Council resolutions.

"If you are referring to reporting that North Korea might be considering the sale of ammunition to Russia, that's something that is extremely concerning to us," Department of Defense deputy spokesperson Sabrina Singh told a daily press briefing.

"It's obviously a decision that North Korea is making to align itself with Russia and its unprovoked war in Ukraine, and any arms deal between the DPRK and Russia would violate U.N. Security Council resolutions," she added.

DPRK stands for the Democratic People's Republic of Korea, North Korea's official name.

The Pentagon spokesperson also warned that any country planning to engage in any illegal arms deal with North Korea will pay a price.

"We will continue to identify and expose these transfers, these sales that happen and make sure that any country that does decide or plans to do business with North Korea is prepared for the consequences," she told the press briefing.

bdk@yna.co.kr

(END)

en.yna.co.kr · by Duk-Kun Byun · August 9, 2023

3. Hacks aimed at financial industry spiking, North Korea most aggressive, cyber firm says

The all purpose sword at work. This is the new "battlefield."

Hacks aimed at financial industry spiking, North Korea most aggressive, cyber firm says

washingtontimes.com · by Ryan Lovelace

By - The Washington Times - Updated: 3:41 p.m. on Tuesday, August 8, 2023

Cybersecurity firm CrowdStrike said it detected a surge in attempted breaches of the financial service sector in the past year, with North Korean cyberattackers being the most aggressive state-sponsored hackers to aim at the industry.

The large uptick in attempted hacks of the financial industry stunned CrowdStrike, which tracked more than 215 adversaries for its 2023 Threat Hunting Report.

“In the past year, the volume of interactive intrusion activity against the financial service industry increased by over 80%,” the report said. “Defenders in the financial industry should watch this trend closely, as the increased volume of activity is matched by an increased diversity of threats.”

The rapid growth in attempted hacks of the financial industry put it as the top targeted sector — behind only technology.

CrowdStrike said the breakout time for cyberattackers to spread through a victim’s network reached its fastest speed of all time between July 2022 and June 2023, with the quickest hackers bursting throughout a network in seven minutes.

“We have seen a threat landscape that has grown in complexity and depth as threat actors pivot to new tactics and platforms, such as abusing valid credentials to target vulnerabilities in the cloud and in software,” CrowdStrike Senior Vice President Adam Meyers said in a statement. “When we talk about stopping breaches, we cannot ignore the undeniable fact that adversaries are getting faster and they are employing tactics intentionally designed to evade traditional detection methods.”

CrowdStrike found that North Korean adversaries were the most aggressive state-sponsored cyberattackers hammering the financial sector, with their sights aimed at financial institutions and financial technology organizations.

Financial institutions are at risk of attack from North Korea because the regime of Kim Jong-un needs funding. Top White House cyber official Anne Neuberger said in May that the Biden administration estimated that North Korea funded half its missile program via cryptocurrency heists and cyberattacks.

North Korean cyberattackers also want access to networks with sensitive information, seeking answers to complex questions traditionally provided by diplomats and intelligence officers in other countries. Cyber intelligence firm Recorded Future said in June it found North Korea’s top five most targeted industries since 2009 were government, cryptocurrency, media, traditional finance and the defense sector.

While North Korea’s financial motivation was straightforward for CrowdStrike to decipher, Iranian and Chinese hackers took different approaches.

“The diversity of sectors targeted by Iranian (KITTEN) and Chinese (PANDA) state-nexus adversaries are reflective of two distinct, but similar, tradecraft strategies,” CrowdStrike’s report said. “KITTEN adversaries increasingly rely on opportunistic exploitation of entities of interest, and PANDA adversaries continue to expand operations to achieve coverage across as many targets as possible.”

As digital defenders look to secure networks from cybercriminals and state-sponsored hackers in the future, CrowdStrike said a knowledge gap exists in properly securing cloud computing environments, given the rapid adoption of the tech by many organizations.

“As the technologies and security products that organizations rely on evolve, so too do adversary tooling and tradecraft — at an alarming pace,” the report said.

• Ryan Lovelace can be reached at rlovelace@washingtontimes.com.

Copyright © 2023 The Washington Times, LLC. Click here for reprint permission.

Click to Read More and View Comments

Click to Hide

washingtontimes.com · by Ryan Lovelace

4. CoinsPaid Accuses North Korean Hackers Of Phony Job Interview To Steal $37 Million

Social engineering makes us all soldiers on the cyber battlefield.

CoinsPaid Accuses North Korean Hackers Of Phony Job Interview To Steal $37 Million

bitcoinist.com · by Christian Encila · August 8, 2023

CoinsPaid, a cryptocurrency payments company headquartered in Estonia, has raised suspicions that the Lazarus Group, a group of hackers from North Korea, managed to breach its systems by utilizing deceptive recruiters who targeted company employees.

According to an official blog post, CoinsPaid disclosed that the breach, which resulted in the theft of over $37 million on July 22, was orchestrated through a ruse wherein an employee was lured into downloading software under the pretense of a mock job interview, under the false guise of a technical assignment.

The company revealed that this employee fell victim to a job offer propagated by the hackers, subsequently downloading the malicious code that ultimately facilitated the malevolent actors in pilfering sensitive data and acquiring unauthorized entry into the infrastructure of the crypto company.

Funding North Korea’s Illicit Nuclear Program

Cryptocurrency thefts are suspected to provide financial backing for North Korea’s unorthodox nuclear weapons initiative, based on the analysis of specialists in the field. The Lazarus Group, recognized for its involvement in cyberattacks, frequently employs analogous hacking methodologies to target exchanges, blockchains, and mixers, even utilizing identical crypto wallet addresses.

We Know Exactly How Attackers Stole and Laundered $37M USD

CoinsPaid invited a partnership with @MatchSystems, in cooperation with law enforcement agencies and regulators, accompanies the process of returning stolen #crypto assets.

— CoinsPaid (@coinspaid) August 7, 2023

This pattern of operation has led CoinsPaid to draw the inference that the infamous hacking collective, affiliated with the North Korean government, can be held accountable for the aforementioned hack.

CoinsPaid said:

“Having gained access to the CoinsPaid infrastructure, the attackers took advantage of a vulnerability in the cluster and opened a backdoor.”

The knowledge perpetrators obtained at the exploration stage enabled them to “reproduce legitimate requests for interaction interfaces” with the blockchain and “withdraw the company’s funds from our operational storage vault,” CoinsPaid added.

Bitcoin slightly above the key $29k level today. Chart: TradingView.com

Lazarus Group’s Six-Month Pursuit Of CoinsPaid

Over a span of six months, the Lazarus Group engaged in an intricate process of meticulously observing and researching CoinsPaid’s intricate systems.

Their efforts encompassed a spectrum of attack methodologies, ranging from manipulative social engineering tactics to technically driven approaches such as Distributed Denial-of-Service assaults and relentless brute-force attempts — repeatedly submitting numerous passwords in the hopes of eventually stumbling upon the correct one.

The saga began in March, as the hackers initiated their assault on the firm. The company recounted the unceasing and remarkably aggressive barrage of spam and phishing campaigns directed at its team members during this period.

In response, CoinsPaid took the step of collaborating with Match Systems, a blockchain security firm, to trace the route of the stolen funds. The majority of these ill-gotten gains found their way to SwftSwap.

According to CoinsPaid, a multitude of facets within the hackers’ transactions bore striking resemblances to the modus operandi of Lazarus, akin to the $35 million breach of Atomic Wallet in the preceding month of June. The company affirmed its commitment to vigilantly monitor any movement associated with these pilfered funds.

Featured image from Kyodo/AP Photo

bitcoinist.com · by Christian Encila · August 8, 2023

5. Lessons of a $37M Attack: How a Ukrainian Payment Processor Was Hacked

Gullible employees. Don't be one.

Lessons of a $37M Attack: How a Ukrainian Payment Processor Was Hacked

CoinsPaid, a crypto payment processing company with Ukrainian roots, fell a victim to a social engineering attack, thought to have emanated from Lazarus, a North Korean hacking group.

By Anna Baydakova

Aug 8, 2023 at 2:39 p.m. EDT

CoinDesk · August 8, 2023

Exploiting DeFi protocols has long become crypto’s most popular type of crime, while traditional exchange hacks have become far less frequent. But cybercriminals haven’t lost all interest in the good old digital robbery.

The recent hack of a crypto payment processor CoinsPaid shows that the most industrious cybercriminal groups in the world are still willing to spend formidable resources on breaking into centralized entities.

CoinsPaid, a Ukrainian firm registered in Estonia, reported being hacked on July 22, with estimated crypto losses of $37.3 million. According to the CEO Max Krupyshev, the company ended up refunding clients from its own funds. Those customers likely include online casinos, which according to a Blockchain Intelligence Group, are widespread users of CoinsPaid.

In a detailed explanation of the incident published Monday, CoinsPaid said that, judging by the thieves’ on-chain behavior, they were very likely the North Korean Lazarus Group or affiliated with it. To siphon money out of CoinsPaid, the attackers used wallets that included the one spotted in another recent attack attributed to Lazarus – the Atomic Wallet hack in June, Blockchain Intelligence Group wrote.

The attackers had been targeting CoinsPaid for months before finally pulling off the theft, CoinsPaid said. Fishing and social engineering attempts started in March, including a request from someone posing as a fellow Ukrainian crypto processing startup, who was asking CoinsPaid developers about the firm’s technical infrastructure, the blog post said. The attackers also tried to bribe CoinsPaid staff and engaged in distributed denial-of-service (DDOS) attacks aimed at the company’s servers.

Fishing for the gullible employees

Then, in July, several employees received lucrative job offerings from LinkedIn accounts posing as recruiters from other crypto companies, including the exchange Crypto.com. “For instance, some of our team members received job offers with compensation ranging from 16,000-24,000 USD a month,” the blog post said.

After making an initial contact, the fake recruiters asked the employees to install JumpCloud, a platform for user authentication that was reportedly also hacked by Lazarus in July, or other software, presumably to perform a test task. Several employees took the bait and installed malicious software, after which the attackers got access to CoinsPaid’s infrastructure.

During late-European hours on a Friday night on July 21, the attackers got access to CoinsPaid’s blockchain node and requested a large withdrawal of Tron-based USDT, bitcoin and several ERC20 tokens running on the Ethereum blockchain, Pavel Kashuba, CoinsPaid chief financial officer, told CoinDesk in an interview. The active phase of the attack took about four hours 23 minutes, he said.

While the thieves got free access to the company’s servers, they did not compromise the private keys for CoinsPaid’s wallets, CEO Max Krupyshev told CoinDesk: “As soon as we switched off our servers, the transfers stopped.” He added that, when the firm spun off new wallets with the same keys, those weren’t drained, confirming that the keys were safe.

Can’t block this

The firm lost money anyway. Most of the stolen funds, in a form of USDT on the Tron blockchain, were swapped for the USDT on Avalanche via cross-chain bridges and then sent to a decentralized exchange SwftSwap, Krupyshev said. Attackers also used decentralized exchanges Uniswap and SunSwap, as well as centralized exchanges Binance, Huobi, Kucoin, Bybit, Bitget and MEXC, according to the post-mortem blog post.

Bitcoin was laundered via the Sindbad mixer, which, according to the blockchain intel firm Elliptic, is the most popular mixer for North Korean hackers.

CoinsPaid said, although they notified the centralized exchanges as soon as they saw funds moving there, labeling crime-related addresses and taking action by exchanges is a process too slow to keep up with the hackers, who were cashing out in a matter of minutes.

Kashuba expressed frustration that law enforcement agencies go slowly in convincing exchanges to freeze criminal accounts. “You need to block the money but that money is already gone,” he said.

The bottom line is exchanges need to pay attention to digital hygiene and adequate training for the staff, Kashuba said. And that goes for all kinds of cybercrime.

CoinDesk · August 8, 2023

6. Op-ed: It’s time to end the Korean War — the longest in US history

I too want an end to the Korean war and peace on the Korean peninsula. But these activists do not seem to understand the nature, objectives, and strategy of the Kim family regime. They are actually supporting Kim's political warfare strategy. And most troubling, their actions will likely lead to the conflict they want to avoid and end.

Op-ed: It’s time to end the Korean War — the longest in US history

Chicago Tribune

July 27 marked the 70th anniversary of the armistice agreement establishing a cease-fire in the Korean War. This temporary agreement has never been replaced by a permanent peace treaty. As a result, more than 75 million people on the Korean Peninsula (more than the population of the United Kingdom or France) live in an ongoing state of war, experienced as the potential for active hostility at any time.

We are all longtime residents of Chicago, and all of us have close family members and friends in South Korea. Many of them live in Seoul, a metropolitan region of almost 10 million people, which is only 35 miles from the Demilitarized Zone and border with North Korea. All men in South Korea are required to serve in the military for at least 18 months. And a large percentage of the budgets of both South and North Korea is diverted into maintaining the most heavily fortified border in the world, resources that could be put into health care, education, housing and the environment. All of these take a heavy toll on the mental health of people living in South Korea, which has one of the highest suicide rates in the world.

Advertisement

As members of the Korean American Peace Fund, we attended the Korea Peace Action: National Mobilization to End the Korean War, which included a rally and symposium in Washington on July 27-28. One of the main goals of this convening was to urge our government to pass House Resolution 1369, the Peace on the Korean Peninsula Act, which would create a pathway to a peace treaty between the United States and North Korea — the first, essential step toward building true collective security in the region.

The bill urges the U.S. government to engage in direct talks with the North Korean government and end the ban on travel by U.S. citizens to North Korea. More than 100,000 Americans are directly affected by the travel ban. Some are relatives of prisoners of war or soldiers missing in action lost during the war who are still searching for their family members’ remains. Many others affected by the travel ban are Korean Americans who yearn to see mothers, fathers, siblings and other loved ones in the North, separated now for almost three-quarters of a century. Most of these divided family members have already died without ever reuniting with their loved ones.

Advertisement

One of us, JeeYeun, has a grandfather who was taken by North Korean soldiers during the early part of the war. Her grandmother was able to see him once while he was in custody in Seoul before he was taken across the border. Decades later, her father traveled to North Korea in search of him, but the family never saw or heard from him. Only in the process of advocating for HR 1369 did JeeYeun even consider visiting North Korea herself to seek information about what happened to her grandfather, showing the level of resignation that many of us feel about the permanence of Korea’s division.

Chicago Tribune Opinion

Weekdays

Read the latest editorials and commentary curated by the Tribune Opinion team.

By submitting your email to receive this newsletter, you agree to our Subscriber Terms & Conditions and Privacy Policy.

But all residents of the United States are affected by this un-ended war.

As the blockbuster drama “Oppenheimer” reminds us, the existence of nuclear weapons makes any war a potential global catastrophe. The continued presence of the U.S. military in the Korean peninsula heightens tensions, making us “one bad decision away from nuclear war,” as stated by Dan Leaf, retired Air Force general and former deputy commander of the U.S. Pacific Command. Within the last two weeks, two U.S. nuclear-powered submarines have landed in South Korea after months of joint U.S.-South Korean live-fire military drills that have sharply intensified in scale and frequency; during the same time, a U.S. soldier on a guided tour of the DMZ crossed the border to North Korea. Improving diplomacy and direct communication with North Korea would allow the U.S. to resolve sensitive matters and deescalate tensions more quickly.

Because of the perceived threat of North Korea and now China, South Korea is home to the third-largest overseas U.S. military presence in the world. This expenditure siphons valuable resources away from the basic needs of Americans here at home, for housing, health care, education and a clean environment.

As the leader of the United Nations Command during the Korean War, only the United States can sign a peace agreement with North Korea. It is in the best interest of our country to do so.

It’s time to end the longest war in U.S. history.

Becky Belcore is co-director of the National Korean American Service and Education Consortium. Inhe Choi is executive director of the HANA Center, a Chicago-area nonprofit. Youngju Ji and JeeYeun Lee work for the Korean American Peace Fund.

Submit a letter, of no more than 400 words, to the editor here or email letters@chicagotribune.com.

Chicago Tribune

7. Seventy Years After Korean War: Glimpse Of Untold Story – OpEd

Where you stand depends on where you sit. If you want to paint the US as the aggressor and imperialist power you can do that. But it was Kim Il Sung who attacked the South on June 25, 1950. And it is the north that continues to seek domination through the use of force.

But I know there are many, including some in the U.S. who believe this conclusion and the rest of the spin in this essay.

It pains me to read and send this essay but we must know the arguments being made by people of this political persuasion.

Conclusion:

The evident truth is that the United States supported the oppressor, not the oppressed, leading many revolts including the May 1980 uprising led by students at Chonnam National University in Gwangju. Many people boasting about Korea’s freedom and development forget this reality. The victory was achieved by the Korean people, not through the sacrifice of a true monster disguised as an angel. With various parties in Asia trying to revive unfulfilled ambitions of the West from the Cold War era after World War II, it becomes essential for us to grasp this truth and prepare for potential challenges ahead.

Seventy Years After Korean War: Glimpse Of Untold Story – OpEd

eurasiareview.com · by Nilantha Ilangamuwa · August 7, 2023

Amidst these precarious times, where our humanity is continuously put to the test, nothing holds greater importance than our inflexible dedication to pursuing peace. However, it is truly enraging to witness self-proclaimed guardians of peace traversing the globe, stoking the flames of conflict in countries such as Ukraine and sabotaging any attempts at negotiations between warring factions. T

he inferno of war, which once consumed distant lands, now threatens to engulf the Asian continent again. The impending doom looms, and it is only a matter of time before an Asian nation succumbs to the whims of a deluded comedian, masquerading as a false hero, playing with the lives of his people and trampling upon the corpses of genuine revolutionaries.

Revolution, a noble endeavour aimed at preserving human life, has been twisted and perverted by misguided social reformers who seem to have forgotten its fundamental purpose. Our present circumstances demand that we confront the harsh realities of our collective predicament in Asia. A robust and united voice must emerge, one that acknowledges the truth on the ground and demands the immediate demilitarization of foreign military bases. We must address head-on the deep-seated social and economic crises that plague our people, without further delay.

A new paradigm is emerging, as East and West Asian nations, together with their African and Latin American counterparts, gradually align their interests. Yet, in their quest to retain power, some leaders resort to oppressing their own people, entrenching corruption, and forming unholy alliances with oppressors who share their malevolent tactics. To break free from this crisis, we must draw upon local ideologies and embrace the principled institutionalization advocated by the Western school of thought, adapting it to suit our current geopolitical landscape.

Seventy years have passed since the Korean War’s conclusion, an epoch marked by the triumph of human compassion against the manipulations of world powers. As we reflect upon that historic humanitarian victory, we must bear in mind the foundational context that led to it.

Before the official onset of the Korean War in 1950, South Korea grappled with a state of armed rebellion. The conflict actually commenced in 1946 when the American military government supported the brutal suppression of dissident movements in South Korea, particularly on Jeju-do, where tens of thousands of innocent peasants were mercilessly massacred between April 1948 and May 1949. This cruelty only served to incense the North, prompting secret raids and acts of sabotage. Even the US-trained South Korean saboteurs and commandos who infiltrated the North, attempting to assassinate Kim Il-sung in the months leading up to the fateful June 25 invasion.

Regrettably, official US narratives have sought to obfuscate the horrors of war and bury the truth about the mass atrocities committed by US and South Korean forces against civilians. The yearning for secession among the majority of Koreans was virtually non-existent, but misinformation and poor media coverage during the time of the Korean War obscured this reality. Even now, after decades have passed, a deep sense of remorse lingers among the present generation, contemplating the consequences of the tragic separation.

It is high time that we rise above the shadows of our history, grasp the lessons learned from the past, and unite as one to shape a brighter future for Asia. The key lies in embracing a principled and compassionate approach, one that acknowledges the grave mistakes of the past while nurturing the collective spirit of humanity that will guide us towards a lasting and harmonious peace.

Yonghwa, a young Korean with a quiet demeanour, conceals a soul ablaze with grand aspirations. Despite being born decades after the conclusion of the Korean War, the haunting spectre of that bitter past continues to linger, casting its shadow over the present. During our recent talk, Yonghwa lamented how geopolitical realities have forced them to move further away from the dream of reunification.

The Korean people never sought war; it was thrust upon them by the ambitions of external powers. After Japan’s surrender in World War II, the Korean people ardently desired to maintain their homeland as a single sovereign state. However, this noble vision was brutally shattered to fulfill the vested interests of third parties, leaving their once-vibrant land desolated by genocide. It is crucial to dispel the false notion that the war arose from an unprovoked attack by North Korean guerrillas on the South; this narrative was a ruse orchestrated by the architects of Cold War doctrine to mask the true nature of the conflict.

George Kennan, Abraham Gordon, Dean Acheson, and others played pivotal roles during the Cold War, advocating for containment strategies to counter the spread of communism and Soviet influence. As part of these strategies, propaganda, information warfare, military assistance, and defence cooperation were formulated, all aimed at furthering their global domination agenda, including attempts to undermine the Soviet Union. Regrettably, the people of the nations caught in this power struggle paid a steep price. For the Koreans, the war turned their aspirations for reunification into another heart-wrenching tragedy, defying international laws and traditions while perpetuating blatant falsehoods worldwide.

The catastrophic toll of the war is staggering, according to United Nations estimates: between three and four million Koreans lost their lives, with one in every nine North Koreans succumbing to the conflict. The war forced six to seven million Koreans into refugee status, and the destruction was rampant, reducing thousands of factories, schools, hospitals, and hundreds of thousands of homes to ruins. The Western alliance, led by the United States, did not hesitate to drop napalm on unarmed civilians, leaving generations of Koreans to bear a price far more horrifying than the current struggles faced by Ukrainians fighting someone else’s war.

Poignant perspectives from many Korean writers shed light on the true motivations behind the conflict. They assert that the Korean War was a result of a corrupt dictator, Syngman Rhee, seeking to stroke his ego, and a weak American president, Truman, swayed by the counsel of MacArthur, an old and “faded warlord” who failed to grasp the consequences of his actions. What could have been a short and relatively bloodless civil war turned into a devastating battlefield, with Truman unwittingly unleashing genocide upon the Korean people.

The narrative of the Korean War is multifaceted, tainted by the agendas of powerful players, and sowed with the seeds of tragedy. As we confront this complex history, we must strive to unearth the truth, acknowledge the profound suffering endured, and work towards a future where peace, unity, and justice triumph over ego-driven politics and the ghosts of a tumultuous past.

That is, it is now a proven fact that democracy emerged in South Korea in late eighties not because it was promoted by the United States, but because of the efforts of dedicated social activists, many of whom fought against torture, assault, and extermination. For years, the United States had built up military and police forces in South Korea, honouring the dictators who committed countless atrocities. That said, free and open expression did not come easily to South Koreans, and neither did the United States.

The evident truth is that the United States supported the oppressor, not the oppressed, leading many revolts including the May 1980 uprising led by students at Chonnam National University in Gwangju. Many people boasting about Korea’s freedom and development forget this reality. The victory was achieved by the Korean people, not through the sacrifice of a true monster disguised as an angel. With various parties in Asia trying to revive unfulfilled ambitions of the West from the Cold War era after World War II, it becomes essential for us to grasp this truth and prepare for potential challenges ahead.

eurasiareview.com · by Nilantha Ilangamuwa · August 7, 2023

8. Comrades in Arms? - North Korea Compromises Sanctioned Russian Missile Engineering Company

Graphics at the link: https://www.sentinelone.com/labs/comrades-in-arms-north-korea-compromises-sanctioned-russian-missile-engineering-company/

Conclusion:

With a high level of confidence, we attribute this intrusion to threat actors independently associated with North Korea. Based on our assessment, this incident stands as a compelling illustration of North Korea’s proactive measures to covertly advance their missile development objectives, as evidenced by their direct compromise of a Russian Defense-Industrial Base (DIB) organization.

The convergence of North Korean cyber threat actors represents a profoundly consequential menace warranting comprehensive global monitoring. Operating in unison as a cohesive cluster, these actors consistently undertake a diverse range of campaigns motivated by various factors. In light of these findings, it becomes crucial to address and mitigate this threat with utmost vigilance and strategic response.

Comrades in Arms? - North Korea Compromises Sanctioned Russian Missile Engineering Company

sentinelone.com · by Tom Hegel Tom Hegel is a Senior Threat Researcher with SentinelOne. He comes from a background of detection and analysis of malicious actors, malware, and global events with an application to the cyber domain. His past research has focused on threats impacting individuals and organizations across the world, primarily targeted attackers.

By Tom Hegel and Aleksandar Milenkoski 

Executive Summary

• SentinelLabs identified an intrusion into the Russian defense industrial base, specifically a missile engineering organization NPO Mashinostroyeniya.
• Our findings identify two instances of North Korea related compromise of sensitive internal IT infrastructure within this same Russian DIB organization, including a specific email server, alongside use of a Windows backdoor dubbed OpenCarrot.
• Our analysis attributes the email server compromise to the ScarCruft threat actor. We also identify the separate use of a Lazarus Group backdoor for compromise of their internal network.
• At this time, we cannot determine the potential nature of the relationship between the two threat actors. We acknowledge a potential sharing relationship between the two DPRK-affiliated threat actors as well as the possibility that tasking deemed this target important enough to assign to multiple independent threat actors.

Background

North Korean threat actors have caught our attention over the past year, providing us with fruitful insight into a variety of campaigns, such as new reconnaissance tools, (multiple) new supply chain intrusions, elusive multi-platform targeting, and new sly social engineering tactics. To add to that list, let’s take a look at an intrusion into what might be considered a highly desirable strategic espionage mission – supporting North Korea’s contentious missile program.

The Target Organization

While conducting our usual hunting and tracking of suspected-North Korean threat actors, we identified a leaked email collection containing an implant with characteristics related to previously reported DPRK-affiliated threat actor campaigns. A thorough investigation of the email archive revealed a larger intrusion, not fully recognized at the time by the compromised organization.

The victim organization is NPO Mashinostroyeniya (JSC MIC Mashinostroyenia, NPO Mash), a leading Russian manufacturer of missiles and military spacecraft. The organization’s parent company is JSC Tactical Missiles Corporation KTRV (Russian: АО «Корпорация Тактическое Ракетное Вооружение», КТРВ). NPO Mashinostroyeniya is a sanctioned entity that possesses highly confidential intellectual property on sensitive missile technology currently in use and under development for the Russian military.

We are highly confident that the emails related to this activity originate from the victim organization. Furthermore, there are no discernible signs of manipulation or technically verifiable inaccuracies present in these emails. It’s essential to highlight that the leaked data comprises a substantial volume of emails unrelated to our current research scope. This suggests that the leak was likely accidental or resulted from activity unrelated to the specific intrusion under scrutiny in our investigation. However, this collection provides valuable background context for our understanding of their internal network design, security gaps, and even cases of activity by other attackers.

Example of unrelated email alerts from Russian CERT to NPO Mash

In mid-May 2022, roughly a week prior to Russia vetoing a U.N. resolution to impose new sanctions on North Korea for intercontinental ballistic missile launches that could deliver nuclear weapons, the victim organization internally flagged the intrusion. Internal NPO Mashinostroyeniya emails show IT staff exchanged discussions highlighting questionable communications between specific processes and unknown external infrastructure. The same day, the NPO Mashinostroyeniya staff also identified a suspicious DLL file present in different internal systems. The month following the intrusion, NPO Mashinostroyeniya engaged with their AV solution’s support staff to determine why this and other activity was not detected.

Following an examination of the emails and an in-depth investigation into the two separate sets of suspicious activity, we have successfully established a correlation between each cluster of activity and a respective threat actor amounting to a more significant network intrusion than the victim organization realized.

North Korean Overlap

During our investigation, we identified the suspicious file in question to be a version of the OpenCarrot Windows OS backdoor, previously identified by IBM XForce as part of Lazarus group activities. As a feature-rich, configurable, and versatile backdoor, the malware is a strong enabler of the group’s operations. With a wide range of supported functionality, OpenCarrot enables full compromise of infected machines, as well as the coordination of multiple infections across a local network. The OpenCarrot variant we analyzed supports proxying C2 communication through the internal network hosts and directly to the external server, which supports the strong possibility of a network-wide compromise.

Additionally, we discovered the suspicious network traffic discussed in emails is the compromise of the business’ Linux email server, hosted publicly at vpk.npomash[.]ru (185.24.244[.]11). At time of discovery, the email server was beaconing outbound to infrastructure we now attribute to the ScarCruft threat actor. ScarCruft is commonly attributed to North Korea’s state-sponsored activity, targeting high value individuals and organizations near-globally. The group is also referred to as Inky Squid, APT37, or Group123, and often showcases a variety of technical capabilities for their intrusions. While we are unable to confirm the initial access method and implant running on the email server at time of discovery, we link malware loading tools and techniques involving this set of infrastructure to those seen in previously reported ScarCruft activity using the RokRAT backdoor.

This intrusion gives rare insight into sensitive DPRK cyberespionage campaigns, and an opportunity to expand our understanding of the relationship and goals between various North Korean cyber threat actors. It also highlights a potential rift in relations between Russia and North Korea, considering their growing relationship.

This engagement establishes connections between two distinct DPRK-affiliated threat actors, suggesting the potential for shared resources, infrastructure, implants, or access to victim networks. Moreover, we acknowledge the possibility that the assigned task of an intrusion into NPO Mashinostroyeniya might have warranted targeting by multiple autonomous threat actors due to its perceived significance.

OpenCarrot Backdoor Activity

The OpenCarrot sample we analyzed is implemented as a Windows service DLL file, intended to execute in a persistent manner. In line with typical practices of the Lazarus group, OpenCarrot is subject to continuous, not necessarily incremental, changes. The file has a compilation timestamp of Wednesday, Dec. 01, 2021. Although the timestamp could have been manipulated by the threat actors, given the proximity to the May 2022 suspected intrusion date, it’s likely that the timestamp is authentic. Our confidence in this assessment also increases through the infrastructure analysis below.

The OpenCarrot variant we analyzed implements over 25 backdoor commands with a wide range of functionality representative of Lazarus group backdoors. In this case, supported functionality includes:

• Reconnaissance: File and process attribute enumeration, scanning and ICMP-pinging hosts in IP ranges for open TCP ports and availability.
• Filesystem and process manipulation: Process termination, DLL injection, and file deletion, renaming, and timestomping.
• Reconfiguration and connectivity: Managing C2 communications, including terminating existing and establishing new comms channels, changing malware configuration data stored on the filesystem, and proxying network connections.

The OpenCarrot sample displays further characteristics often seen among Lazarus Group malware.

Its backdoor commands are indexed by consecutive integers, a common trait of Lazarus group malware. In addition to integer-indexed commands, the developers implement string-indexed sub-commands.

Backdoor command indexing

Keeping with their typical mode of operations, the malware is intended to execute as a Windows service and exports the ServiceMain function.

OpenCarrot implements executable code in a section named .vlizer indicating the use of code virtualization for obfuscation. The .vlizer section is associated with the Oreans Code Virtualizer code protection platform, a functional subset of Themida. As previously observed in Themida-protected Lazarus group malware, some code segments of the OpenCarrot variant we analyzed are not protected.

As part of its initialization process, OpenCarrot ingests configuration data from a file whose name is composed of the service name in whose context the malware executes and the dll.mui extension. The configuration data contains encryption-protected C2 information. The use of configuration files with the dll.mui extension is a long-standing theme among Lazarus group malware, mimicking a lesser-known standard Windows file extension used to denote application resources and externalities.

OpenCarrot implements relatively long sleep time periods. To avoid remaining idle for too long whenever the user of the infected machine is active, OpenCarrot implements a mechanism to exit its sleep state earlier than instructed. If the malware is instructed to sleep for 15 seconds or more, it then monitors in 15 second intervals for the insertion of new drives, such as USBs. If such an event occurs, the malware exits its sleep state before the configured sleep time elapses. A variant of this technique has been previously observed in the Pebbledash malware.

Disk drive monitoring

OpenCarrot’s versatility is evident with its support of multiple methods for communicating with C2 servers. The malware dispatches commands for execution based on attacker-provided data originating not only from remote C2 servers, but also from local processes through named pipes and incoming connections to a TCP port on which OpenCarrot listens.

Infrastructure Analysis

North Korean-nexus of threat actors are known for not maintaining the OPSEC of their campaigns. A characteristic lack of segmentation allows researchers to amass unique insights across a variety of unreported activity. Infrastructure connections in particular often allow us to track the evolution of their campaigns over long periods of time.

We link the NPO Mashinostroyeniya email discussing suspicious networking communication as active C2 communications occurring through 192.169.7[.]197, and 5.134.119[.]142. The internal host, the organization’s Red Hat email server, was actively compromised and in communication with the attackers malicious infrastructure. A review of all details concludes the threat actor was likely operating on this server for an extensive period of time prior to the internal team’s discovery.

Email between NPO Mash Employees sharing beaconing process details

This set of malicious infrastructure was served via CrownCloud (Australia) and OhzCloud (Spain) VPS hosting providers. During the intrusion, the two domains centos-packages[.]com and redhat-packages[.]com were resolving to those C2 IP addresses. Our assessment is that this particular cluster of infrastructure became active in November 2021, and was immediately paused the same day of NPO Mashinostroyeniya’s intrusion discovery in May 2022. This finding may indicate the intrusion was high priority and closely monitored by the operators.

Infrastructure and Timeline

A relationship can be observed between this cluster of activity and a more recent ScarCruft campaign. Following the intrusion operators immediately killing their C2 server when the suspicious traffic was identified by the victim in May 2022, the centos-packages[.]com domain use was paused until it began resolving to 160.202.79[.]226 in February 2023. 160.202.79[.]226 is a QuickPacket VPS (US) hosting IP also being shared with the domain dallynk[.]com and others used by ScarCruft for malware delivery and C2 initiated through malicious documents.

Further, the domain dallynk[.]com follows the theme we’ve previously reported in which DPRK-associated threat actors impersonate Daily NK, a prominent South Korean online news outlet that provides independent reporting on North Korea. The collection of activity stemming from the dallynk[.]com domain are malware loading tools and techniques matching those seen in previously reported ScarCruft activity using the RokRAT backdoor.

Infrastructure ScarCruft Link

While conducting this research, we first publicly identified the link between the JumpCloud intrusion and North Korean threat actors. One detail that immediately struck us was the domain theme similarities, such as centos-pkg[.]org / centos-repos[.]org (JumpCloud), and centos-packages[.]com (NPO Mash). This detail is superficial and not strong enough alone to base direct clustering, but alongside other aforementioned North Korean threat actor connections, it stokes our curiosity for the particulars of the threat actors’ infrastructure creation and management procedures.

Lastly, we advise particular care into how this infrastructure is further attributed when reviewed historically. For example, the C2 server IP address 192.169.7[.]197 was used between January and May 2022 by the DPRK linked threat actor; however, that same IP was used by the Arid Viper/Desert Falcon APT in 2020, first reported by Meta Threat Investigators. Arid Viper is associated with Palestinian interests, conducting activity throughout the Middle East. We assess the Arid Viper activity is unrelated to our findings and the overlap of infrastructure is simply an example of commonly reused dubious VPS hosting providers. This further highlights the importance of associating active timeframes with IP-based indicators.

Conclusion

With a high level of confidence, we attribute this intrusion to threat actors independently associated with North Korea. Based on our assessment, this incident stands as a compelling illustration of North Korea’s proactive measures to covertly advance their missile development objectives, as evidenced by their direct compromise of a Russian Defense-Industrial Base (DIB) organization.

The convergence of North Korean cyber threat actors represents a profoundly consequential menace warranting comprehensive global monitoring. Operating in unison as a cohesive cluster, these actors consistently undertake a diverse range of campaigns motivated by various factors. In light of these findings, it becomes crucial to address and mitigate this threat with utmost vigilance and strategic response.

Indicators

MD5: 9216198a2ebc14dd68386738c1c59792 6ad6232bcf4cef9bf40cbcae8ed2f985 d0f6cf0d54cf77e957bce6dfbbd34d8e 921aa3783644750890b9d30843253ec6 99fd2e013b3fba1d03a574a24a735a82

0b7dad90ecc731523e2eb7d682063a49

516beb7da7f2a8b85cb170570545da4b

SHA1: 07b494575d548a83f0812ceba6b8d567c7ec86ed 2217c29e5d5ccfcf58d2b6d9f5e250b687948440 246018220a4f4f3d20262b7333caf323e1c77d2e 8b6ffa56ca5bea5b406d6d8d6ef532b4d36d090f 90f52b6d077d508a23214047e680dded320ccf4e

f483c33acf0f2957da14ed422377387d6cb93c4d

f974d22f74b0a105668c72dc100d1d9fcc8c72de

redhat-packages[.]com centos-packages[.]com dallynk[.]com yolenny[.]com 606qipai[.]com

asplinc[.]com

bsef.or[.]kr

192.169.7[.]197 160.202.79[.]226

96.9.255[.]150

5.134.119[.]142

sentinelone.com · by Tom Hegel Tom Hegel is a Senior Threat Researcher with SentinelOne. He comes from a background of detection and analysis of malicious actors, malware, and global events with an application to the cyber domain. His past research has focused on threats impacting individuals and organizations across the world, primarily targeted attackers.

9. N. Korea vows to launch satellites at any time

Just to maintain perspective, South Korea has successfully launched operational satellites and has a spacecraft orbiting the moon sending back data.

N. Korea vows to launch satellites at any time | Yonhap News Agency

en.yna.co.kr · by Kim Soo-yeon · August 9, 2023

SEOUL, Aug. 9 (Yonhap) -- A North Korean propaganda outlet said Wednesday the country will launch satellites at any time, following its failed attempt to launch its first military spy satellite in late May.

The North made the pledge in the August edition of the monthly propaganda magazine Kumsu Kangsan, touting the country's past satellite launches as "miracles upon miracles."

The North did not specify what type of satellites it will launch down the road, but it is highly likely to refer to its second attempt to launch a military spy satellite.

On May 31, North Korea fired the new Chollima-1 rocket carrying its reconnaissance satellite, Malligyong-1, but it crashed into the sea due to the abnormal starting of the second-stage engine.

The South Korean military said in July that the North's spy satellite has "no military utility" after it retrieved its wreckage from the Yellow Sea.

Experts said the North may seek its second launch in time with the summit among leaders of South Korea, the United States and Japan set for Aug. 18, and Seoul-Washington joint military drills scheduled for Aug. 21-24.

This photo, carried by North Korea's official Korean Central News Agency on June 1, 2023, shows the North launching its first military spy satellite, Malligyong-1, the previous day. (For Use Only in the Republic of Korea. No Redistribution) (Yonhap)

sooyeon@yna.co.kr

(END)

en.yna.co.kr · by Kim Soo-yeon · August 9, 2023

10. N. Korea, Russia defend Moscow's war with Ukraine during showing of film over Nazi trials

​Or are they foreshadowing the international tribunal Kim and Putin might face someday?

N. Korea, Russia defend Moscow's war with Ukraine during showing of film over Nazi trials | Yonhap News Agency

en.yna.co.kr · by Lee Minji · August 9, 2023

SEOUL, Aug. 9 (Yonhap) -- North Korea and Russia reaffirmed their efforts for stronger ties earlier this week during a joint showing of a Russian film portraying post-World War II trials of Nazis, according to the North's state media, in what could be an event to defend Moscow's war with Ukraine.

The film "Nuremberg" was shown at the Taedongmun Cinema in Pyongyang on Monday, jointly organized by the North Korea-Russia Friendship Association and the Russian Embassy in the North, according to the Korean Central News Agency and a Facebook message posted by the embassy.

The 2023 movie, set in the German city of Nuremberg, centers around the 1945-46 trials at the International Military Tribunal that held representatives of Nazis accountable for invading other countries and conducting wartime atrocities.

This image, posted on the Facebook page of the Russian Embassy in North Korea, shows the film "Nuremberg." (PHOTO NOT FOR SALE) (Yonhap)

In what appeared to be a justification of Russia's war in Ukraine, Russian Ambassador Alexander Matsegora said his country was forced to enter a war in the wake of a resurgence of Nazism in many countries, including Ukraine.

Matsegora said Western countries, such as the United States and Great Britain, are arming neo-Nazis in such countries, thus inciting a war with Russia that played a "decisive role" in breaking up Nazism.

The remarks appeared to be reiterating Russian President Vladimir Putin's claim justifying the war in Ukraine as a "fight against neo-Nazism."

Ryu Kyong-il, vice-chairman of the friendship association between the two nations, supported the allegation, vowing to strengthen cooperation with Russia for the sake of global peace and security.

"In a bid to ensure peace and safety around the world, our two countries have supported each other and bolstered strategic cooperation in a fight against adversaries seeking to conquer the world," Ryu was quoted as saying by the Russian embassy.

Pyongyang and Moscow, alongside Beijing, are increasingly strengthening their ties in the face of growing trilateral security cooperation among Seoul, Washington and Tokyo.

In a rare visit of a foreign delegation since the outbreak of the COVID-19 pandemic, a Russian military delegation, led by its Defense Minister Sergei Shoigu, visited North Korea last month to attend a massive military parade and an arms exhibition showcasing intercontinental ballistic missiles and new drones.

This undated photo, posted on the Facebook page of the Russian Embassy in North Korea, shows officials attending a film viewing of the Russian film "Nuremberg" in Pyongyang this week. (PHOTO NOT FOR SALE) (Yonhap)

mlee@yna.co.kr

(END)

en.yna.co.kr · by Lee Minji · August 9, 2023

11. Facing Down an Arsenal: Considering Agile Combat Employment in Korea

Conclusion:

All of the fundamental assumptions urgently driving agile combat employment consideration against a Chinese threat now exist for the North Korean threat. It’s time to match that sense of urgency in Korea.

Facing Down an Arsenal: Considering Agile Combat Employment in Korea - War on the Rocks

warontherocks.com · by Zach Hughes · August 9, 2023

In March of 2023, commuters in South Korea had a front-row seat to an unexpected airshow: an armada of U.S. and Korean attack and cargo aircraft unceremoniously landing on the highway in front of them. These aviators demonstrated their ability to survive and operate even after their primary airfields succumbed to a North Korean missile attack. Meanwhile, airmen from Osan Air Base deployed dispersed detachments of fighter aircraft and support personnel. Led by junior officers and sergeants, these dispersed teams continued to generate exercise combat sorties despite significant logistical hurdles, intermittent communications, and artillery bombardment from a simulated adversary. Begun as an experiment, these events grew to something more: a demonstration of what a survivable, credible deterrent might look like in Korea.

In the past five years, the U.S. Air Force has reoriented its focus toward a potential conflict with China, the “pacing threat” outlined in the 2022 National Security Strategy. To better prepare for combat against an adversary like China, the Air Force has adopted agile combat employment: a doctrine of dispersing combat aircraft to numerous bases, greatly complicating Chinese targeting. Unfortunately, the same urgent “problem framing” has not informed a similar look at another Indo-Pacific flashpoint: an increasingly belligerent and nuclear-armed North Korea. Recent North Korean bellicosity — and South Korean assertiveness in response — warrants continued intellectual investment in how to position U.S. forces in this part of the world.

The North Korean threat has changed, and now the same operational problems driving the Air Force to adopt agile combat employment against China are present in North Korea: long-range precision fires with the potential to overwhelm hardened air bases. Fortunately, the Air Force can address these concerns by exploring a modified version of agile combat employment in Korea. Furthermore, Korea has some advantages that offset the challenges normally associated with agile combat employment, including assured allied support, robust lines of communication, and prepositioned war materiel.

Become a Member

Airpower is the United Nations Command’s greatest asymmetric advantage, a deterrent that has maintained peace for seventy years. This deterrent should be survivable to remain credible, requiring fresh thinking in the face of new threats. Using the same harsh logic applied to the rest of the Pacific, the Air Force will likely conclude that agile combat employment is the key to keeping airpower in Korea credible.

A Growing Threat: The Need for Agile Combat Employment Experimentation in Korea

Over the past three decades, both China and Russia have invested in precise long-range fires with the capability to disrupt any buildup of regional airpower — especially the kind of massive buildup used in Operation Desert Storm. While not singularly decisive, such weapons are sufficiently precise and numerous to make any concentration of combat aircraft at major bases prohibitively costly. Russia demonstrated lethal examples of such standoff weapons against Ukraine, while the establishment of the independent People’s Liberation Army Rocket Force signaled China’s focus on long-range missiles.

It is crucial not to underestimate these threats. A recent open-source wargame pitting the United States against China found that the U.S. Air Force stood to lose up to 700 combat aircraft in three weeks in a conflict over Taiwan, and 90 percent of those aircraft were destroyed on the ground. The same wargame concluded that further investment in aircraft dispersal was urgently needed. Recognizing that its preferred, highly efficient “mega base” construct was becoming extremely vulnerable, the U.S. Air Force adopted agile combat employment as its best mitigation.

The same logic underlying aircraft dispersal in a conflict against China is present in North Korea. The Korean People’s Army has the largest artillery force in the world and has recently been outfitted with new 300mm multiple-launch rocket systems. These systems have “negligible” circular-error-probable (likely miss distance) and can probably range all major bases in the northern half of South Korea — including those that host U.S. combat airpower. This is to say nothing of the nuclear-capable cruise and ballistic missiles fielded by the Korean People’s Army Strategic Force. Additionally, unlike China, North Korea could employ a deadly combination of conventional and chemical weapons. These precise conventional systems could degrade any chemically protected shelters, allowing chemical weapons to cause major disruptions to an airbase. Furthermore, North Korean leader Kim Jong Un has indicated that he intends to use nuclear weapons first in a conflict with the United States. The consolidation of U.S. combat power in a small handful of bases in South Korea is a tempting target for a nuclear strike. Finally, North Korea has the largest special operations force in the world, with over 200,000 troops deployable from an armada of aircraft, submarines, and hovercraft. These forces would create a “second front” in South Korea, and one of their targets would likely be major airbases. Even a few infiltrators on a flightline of densely packed aircraft could wreak havoc, as tragically unfolded at Camp Bastion, Afghanistan, in 2012.

While all four of these factors (precision, combined conventional/chemical attacks, nuclear threats, and special operations forces) are different, they all have one feature in common: They’re particularly useful against concentrated, densely packed, easily located targets. While U.S. bases in Korea traditionally focus on hardening to counter threats, the increasing lethality and precision of North Korean weapons should drive significant questioning about this approach. Such logic has been applied to a fight against China and should now be considered in Korea. The increasing belligerence of both China and North Korea should increase the urgency of this investigation.

The Case for Optimism: Why Korea is Unusually Well-Suited for Agile Combat Employment

Agile combat employment has numerous vulnerabilities, which are documented in series of critiques from Chinese academics associated with the People’s Liberation Army. While these vulnerabilities would be severe in any conflict against China, they may not apply to a conflict in Korea.

The first of these vulnerabilities is the susceptibility of dispersal bases to detection and subsequent targeting. Against an adversary with sophisticated intelligence, surveillance, and reconnaissance this is a potentially crippling vulnerability. However, North Korea has no high-altitude, space-based, or penetrating reconnaissance. While North Korea presumably knows about every airfield in South Korea, it lacks timely intelligence to know how assets are dispersed between (and within) airfields. Without the aid of a third party, North Korea would probably struggle to shift fires in response to the dispersal of aircraft.

The second vulnerability that the Chinese academics identified was that agile combat employment is reliant on allied nations’ willingness to host U.S. assets. While nations like Japan are likely to support the dispersal of U.S. assets, other Indo-Pacific countries might be hesitant to choose sides in a war between superpowers. Helpfully, the situation in Korea is clearer: The commitment of both the United States and Republic of Korea to fight in the face of North Korean hostilities has never been in serious question.

The third identified challenge of agile combat employment is the difficulty of logistics sustainment of numerous dispersal bases. Without significant prepositioned stockpiles, such dispersal bases would still be reliant upon the highly targetable main bases after only a few days of fighting. This is particularly problematic when an adversary’s operational reach extends into one’s own rear area. Such was the case for the Polish Air Force in 1939. Anticipating a German surprise attack, the Polish Air Force dispersed to a network of secret airfields. Predictably, the vacated main bases acted as decoys, drawing Luftwaffe attacks. However, dispersed operations brought challenges: As the Wehrmacht advanced, Polish squadrons withdrew eastward, with wear and tear on their aircraft after each move. Some units redeployed six times in one week. Ground crews took days to rejoin. Worse, many supplies were left behind, resulting in critical fuel shortages after a week. The Polish case is an analogue for agile combat employment. At best, it preserves combat power in the face of superior enemy firepower. At worst, it creates unsolvable logistics problems.

Fortunately, in South Korea there is already a robust stockpile of war materiel, with several co-located operating bases acting as “warm” bases. Should the use of truly austere fields be required — such as Korea’s system of highway emergency landing strips — the robust rail, road, and port systems of South Korea provide multiple redundant pathways for logistics to support them. This contrasts sharply with the potentially isolated island-basing construct envisioned for a war with China. Additionally, the presence of the U.S. 8th Army in Korea provides a mechanism to accelerate any logistics movement between dispersal bases. Such Army support to agile combat employment has already been proposed as one of the lessons emerging from Russia’s war in Ukraine. Small-scale exercises in transporting Air Force munitions using Army helicopters have already occurred in Korea. While dispersed logistics would be challenging, Korea has inherent advantages not found elsewhere.

The Chinese academics failed to identify a fourth major challenge of agile combat employment: the difficulty in commanding and controlling dispersed aircraft. Assuming that communications networks could suffer heavy physical and electromagnetic attack, Air Force leaders emphasize the need for units to operate semi-autonomously for prolonged periods. Indeed, such principles underlie the chief of staff’s “Action Orders” to airmen, emphasizing the importance of low-level initiative and leadership. In Korea such efforts would be easier to synchronize. The war plans in Korea are well understood by all units stationed there and are frequently exercised by every echelon. Thus, even if cut off from higher headquarters, detachments would have a strong understanding of their mission priorities. Furthermore, there are multiple military and civilian communications networks available in Korea — realistically, units could maintain some form of contact with higher headquarters.

How to Begin: Four Observations

Agile combat employment against North Korea would look different than against China. Compared with those in Korea, U.S. bases in other Western Pacific countries have less hardened infrastructure. This makes the choice between hardening or dispersal pointed, such that dispersal might be the only viable defense. This scarcity should not constrain the thinking in Korea, where both “stay-and-fight” and “dispersal” bases are already hardened. Dispersal complements hardening because each detachment that disperses draws attention and firepower away from the main base, thereby improving its durability.

Additionally, substantial bottom-up experimentation exists, and senior leaders should look for replicable, scalable innovations. For instance, the United States and South Korea have practiced multinational launch/recover operations on highway emergency landing strips. Similarly, major U.S. exercises now trial a “hub and spoke” basing construct from agile combat employment doctrine. Finally, airmen have found ways to package critical communications hardware, making it rapidly deployable — including in the back of the ubiquitous Korean “Bongo” truck. Senior leaders should seek out the best innovations and expand them.

Furthermore, models, simulations, and wargames can identify the correct balance between concentration and dispersal. Korea already has a robust system of operational-level simulation and wargaming sufficient to explore agile combat employment. Such experimentation should identify the optimal ratio between concentration and dispersal during a crisis or conflict, identify the major decision points at which that ratio should be adjusted, and then write these findings into existing war plans.

Finally, Air Force leaders can capitalize on substantial secondary benefits to agile combat employment experimentation in Korea. Aligning Korea-based combat airpower with the rest of Pacific Air Force’s doctrinal “playbook” would streamline integration in any contingency, whether other Pacific units were deployed to reinforce Korea or whether Korea-based units were redeployed to deter China. Also, thousands of young airmen and officers begin their careers with a Korea tour — introducing agile combat employment earlier in their careers will benefit the Air Force as a whole.

The Call for Action

There is a real danger to overfitting agile combat employment, yet that should not detract from serious consideration of its merits. To guard against overfitting it’s worth asking two questions. First: Does dispersal preserve (via survivability) more combat power than it costs (via logistical inefficiencies)? The fact that logistics collapse is possible in dispersed operations is not itself an argument against agile combat employment — instead, it is merely an argument for detailed analysis to identify the right balance. Korea has significant advantages in both survivability, dispersal, and logistics, but detailed study remains.

Second, consider an adversary’s operational reach: Is there sufficient depth to disperse airpower and its attendant logistics support for the duration of the campaign? In the case of a Korean conflict, many of the North’s long-range conventional weapons cannot range the southern half of South Korea. Although a major land invasion is possible, it is unlikely to proceed far south given U.N. Command overmatch on the ground. Disruptive effects from special operations forces are a threat, but such forces would be quickly overwhelmed by the South Korean army’s massive reserve components. The Korean case stands in marked contrast to the aforementioned case of Poland in 1939, where German air and land forces had greater speed, range, and overmatch throughout the battlespace.

With increasingly bellicose military actions and rhetoric from both North Korea and China, the risks for a miscalculation — and resumption of the Korean War — are higher than at any time in years. Coupled with increasingly deadly North Korean capabilities, this is a poor time for intellectual complacency. Fortunately, significant bottom-up experimentation has already been underway. These efforts should be accelerated and synchronized.

All of the fundamental assumptions urgently driving agile combat employment consideration against a Chinese threat now exist for the North Korean threat. It’s time to match that sense of urgency in Korea.

Become a Member

Lt. Col. Zach Hughes recently completed a tour as commander of the 25th Fighter Squadron at Osan Air Base, Republic of Korea. He is an U.S. Air Force senior pilot with over 2500 hours in the A-10C, including 1100 combat hours in Afghanistan, Syria, and Iraq. He is a graduate of the U.S. Air Force Weapons School and the U.S. Marine Corps School of Advanced Warfighting. The views expressed are those of the author and do not reflect the official policy or position of the U.S. Air Force, Department of Defense, or the U.S. government.

Commentary

warontherocks.com · by Zach Hughes · August 9, 2023

12. Ep. 39 Shin-wha Lee: Understanding Seoul's DPRK Policy - Interconnection between Human Rights and Denuclearization

A ten minute video (with English subtitle at the link: https://www.globalnk.org/interview/view?cd=INT000041&utm

I had the opportunity to speak to Professor Lee's graduate students in the Peace and Democracy program at Korea University last week. I spoke on the Alliance, the Armistice, human rights, information, and unification.

Ep. 39 Shin-wha Lee: Understanding Seoul's DPRK Policy - Interconnection between Human Rights and Denuclearization

Interview | August 07, 2023

Shin-wha Lee

Ambassador for International Cooperation on North Korean Human Rights

globalnk.org · by Professor of Korean Unification, Diplomacy and Security at Korea University

Interview | August 07, 2023

Shin-wha Lee

Ambassador for International Cooperation on North Korean Human Rights

Shin-wha Lee, the Ambassador for International Cooperation on North Korean Human Rights, assesses the Yoon government’s North Korea policy as a valid approach to establish a virtuous cycle and mutual complementarity between “peace” and “freedom,” which are the core tenets of Yoon’s foreign policy. Highlighting that South Korea’s North Korean Human Rights Act provides meaningful platforms to openly discuss and hold the violator accountable, Lee urges the Yoon government to build on existing reports and multilateral initiatives to improve the North Korean human rights conditions. Furthermore, Lee argues that human rights and denuclearization must be linked in order to provide opportunity for North Korea to be accepted as a “normal state,” ensure effective verification during the potential denuclearization process, and offer the regime an economic incentive.

Note: The publication mentioned from 04:12~04:38 of the interview refers to the special report released by KINU, titled "Is North Korean Human Rights Improving?(김정은시대 북한인권은 변화하고 있는가?)." While this report had not been released during the time of the webinar in early June, it was published recently on July 24, 2023. To read the report, please follow the link.

■ Shin-wha Lee is the Ambassador for International Cooperation on North Korean Human Rights and Professor of Department of Political Science and International Relations at Korea University.

■ Typeset by Jisoo Park , Research Associate

For inquiries: 02 2277 1683 (ext. 209) | jspark@eai.or.kr

Theme

Human Rights and Humanitarian Assistance

Address : 1, Sajik-ro 7 gil, Jongno-gu, Seoul 03028, Republic of Korea

Company Registration Number : 104-82-07922 TEL : 82-2-2277-1683 FAX : 82-2-2277-1684

Copyright © GLOBAL NK ZOOM & CONNECT AND EAST ASIA INSTITUTE. All Right Reserved.

Newsletter

• Sung-wook Nam
• Professor of Korean Unification, Diplomacy and Security at Korea University

globalnk.org · by Professor of Korean Unification, Diplomacy and Security at Korea University

13. UN office faults Korea for inviting Myanmar envoy to arms event

Oops. An own goal here. 

The ROK must be a responsible partner in the Arsenal of Democracy.

Wednesday

August 9, 2023

 dictionary + A - A 

Published: 09 Aug. 2023, 15:11

UN office faults Korea for inviting Myanmar envoy to arms event

https://koreajoongangdaily.joins.com/2023/08/09/national/diplomacy/korea-myanmar-arms/20230809151113372.html

Ambassador of Myanmar to Korea Thant Sin, left, on a K-2 tank during a Korean arms promotional event in Pocheon, Gyeonggi, on May 2. [NEWS1]

The Office of the High Commissioner for Human Rights (OHCHR) took Korea to task for inviting the ambassador of Myanmar to Korea to a promotional event showcasing Korean tanks and weapons.  

“It is especially concerning that the Government of the Republic of Korea would invite a representative of the State Administration Council to an event promoting weapons exports given the junta’s responsibility for well-documented attacks on civilian populations,” said Tom Andrews, the UN special rapporteur on the situation of human rights in Myanmar, in his letter to the Korean government on June 5, recently released on the OHCHR's website.

The State Administration Council is Myanmar's ruling military junta.

Myanmar’s Ambassador to Korea Thant Sin was one of dozens of diplomats who visited the Korean military’s training ground in Pocheon, Gyeonggi in May. 

Members of the diplomatic corps climbed into a K-2 Black Panther or K-21 tank, and inspected up close the K-1 tank, K-808 wheeled armored personnel carrier, K-600 combat engineering vehicle, the K-9 Thunder and K-239 Chunmoo system.

Andrews said he was “extremely concerned” with the Korean government’s decision and questioned whether it was suggesting it could even sell weapons to Myanmar and its military regime.

“His reported participation in the event legitimizes an illegal and brutal military junta and raises doubts about the Republic of Korea’s policy concerning arms transfers to the Myanmar military.”

Thant Sin was photographed waving atop a tank during the event. 

He has been the ambassador of Myanmar to Korea since 2019 and continued his tenure even after the February 2021 coup in Myanmar.

The Korean government slapped unilateral sanctions on Myanmar in March 2021, banning any arms exports to the country. 

The Korean government, in its response to the UN issued via its embassy in Geneva in July, said that the invitation extended to the ambassador of Myanmar was part of those extended to “all Asean countries in accordance with established practice.”

Anti-coup protesters run as one of them discharges a fire extinguisher to counter the impact of tear gas fired by riot policemen in Yangon, Myanmar, March 3, 2021. [AP/YONHAP]

“The invitation does not mean any intention to grant arms transfers to the Myanmar military or other entities in Myanmar,” it said, adding there is no change in the Korean government’s policy on banning arms sales to Myanmar and its support for the restoration of democracy in the country. 

But officials of the Ministry of Foreign Affairs present at the event, which included the second Vice Foreign Minister Lee Do-hoon, had offered to connect any diplomats present with military manufacturers in Korea. 

The event, taking place on May 2, took place just a month after the military regime in Myanmar had carried out an airstrike in Sagaing Region that killed approximately 170 people, including dozens of children and women, according to the OHCHR. 

Officials of the Yoon Suk Yeol government, including the president, have vowed repeatedly to pursue values-based diplomacy since its inauguration last year.

People protest during a demonstration to mark the second anniversary of Myanmar's 2021 military coup, outside the Embassy of Myanmar in Bangkok, Thailand, on Feb. 1. [REUTERS]

BY PARK HYUN-JU, ESTHER CHUNG [chung.juhee@joongang.co.kr]

14. Blue House cut Foreign Ministry out of Thaad talks: Diplomatic sources

I guess we can really describe THAAD as a debacle as there were mistakes made on both the Korean and US side. Which is too bad because this is an important system that contributes to the mutual defense of the ROK and US forces within the ROK.

Tuesday

August 8, 2023

 dictionary + A - A 

Published: 08 Aug. 2023, 17:50

Updated: 08 Aug. 2023, 20:19

Blue House cut Foreign Ministry out of Thaad talks: Diplomatic sources

https://koreajoongangdaily.joins.com/2023/08/08/national/diplomacy/korea-thaad-china/20230808175007710.html

Residents of Seongju County, North Gyeongsang, protest the deployment of the U.S.-led antimissile Terminal High Altitude Area Defense system in the town on Sept. 8, 2022. [NEWS1]

Diplomatic sources say former President Moon Jae-in's office cut the Ministry of Foreign Affairs out of negotiations with China over the deployment of the U.S.-led antimissile Terminal High Altitude Area Defense (Thaad) system, with the Blue House taking direct charge of the talks.

The Moon administration followed those talks with the controversial "Three Nos" in October 2017, in which Seoul pledged not to deploy additional Thaad systems, not to participate in U.S.-led missile defense networks and not to transform the U.S.-Korea-Japan relationship into a military alliance. 

Beijing has repeatedly voiced its opposition to Thaad, calling it a U.S. scheme to spy on China.

“These negotiations were largely led by the Blue House, and members of the Foreign Ministry were left out of the loop altogether,” a diplomatic source told the JoongAng Ilbo on Monday.

The testimony contradicts that of the Blue House at the time. A presidential spokesperson told the press right before the policy’s announcement that Foreign Ministry officials had been “included in the negotiations” and that both the Korean Embassy in Beijing and the Chinese Embassy in Seoul had “collaborated actively” to reach the agreement.

However, the diplomatic source told the JoongAng Ilbo that the embassies did little more than provide administrative assistance to Blue House officials. 

While involving top presidential aides in international negotiations is standard practice, cutting out high-ranking Foreign Ministry officials — and their expertise — from negotiations is diplomatically risky since even the smallest details of talks, including the choice of words, can lead to diplomatic disputes down the road.

Another diplomatic source said the Foreign Ministry, in its internal memos and communications, suggested that negotiators tell their Chinese interlocutors that the Three Nos may be subject to change, and that a provision be added to that effect.

That point went moot, however, when the Blue House led final negotiations with China, according to the source. 

Launcher vehicles of the Thaad system placed in Seongju County, North Gyeongsang, on June 22 [YONHAP]

While there was no official declaration from either China or Korea spelling out the policy, then-Foreign Minister Kang Kyung-wha told the National Assembly in October 2017, after the bilateral negotiations, that the Korean government was considering neither additional deployments of Thaad nor participation in an American missile defense network and that trilateral cooperation with Washington and Japan would not develop into a military alliance.

The Three Nos has plagued Seoul-Beijing ties since the Yoon Suk Yeol administration was inaugurated last year. Yoon vowed to ensure the Thaad system went into operation during his term. As of June, the administration said most preparations to launch the system have been completed.

The installation of the Thaad system in Seongju County, North Gyeongsang, took place in October 2017, but the formation of a committee of experts and officials to carry out an environmental impact assessment was repeatedly delayed. 

Presidential records of the Moon administration obtained earlier this year by a lawmaker suggested the liberal administration may have deliberately held up the environmental impact assessment for fear of its impact on a hoped-for visit by Chinese President Xi Jinping.  

The Thaad system requires an environmental impact assessment before it can go into active operation.

Experts in Korea said this revelation was hardly surprising given the Moon administration’s priority to engage with North Korea, which would have required improved ties with China.

“At the time, the Moon Jae-in administration considered the Thaad conflict between Korea and China as an obstacle to improving inter-Korean relations and led the negotiations with a political strategy in mind rather than a diplomatic, military or security one,” said Kim Jin-ho, professor of political science at Dankook University. “Their strategy did not work out. Now the poorly patched-up Thaad agreement has come back to haunt them.”

Democratic Party Rep. Yoon Kun-young, who was a presidential aide in 2017, dismissed the allegation that the Blue House singlehandedly led the negotiations with China.

“It is impossible to have the Blue House negotiate a diplomatic case without the involvement of the Foreign Ministry,” Yoon said. “Officials from the Ministry of Foreign Affairs and the Korean Embassy in China also participated in the consultation process.”

Another diplomatic source who played a key role in crafting Moon’s China policy told the JoongAng Ilbo that the administration "even consulted with the White House" over the Three Nos policy.

BY YOO JEE-HYE, JEONG JIN-WOO AND ESTHER CHUNG [chung.juhee@joongang.co.kr]

15. CTBTO chief urges N. Korea to take 'small step' in nuclear test moratorium

​Excerpts:

On the growing public debate in the South over whether Seoul should acquire its own nuclear weapons, Floyd said he was "encouraged" that the government has "stood rock solid firm in its position to support a strong global architecture for nonproliferation and, ultimately, disarmament of nuclear weapons."

"I'm particularly proud of the strength, the courage and the leadership of the government of the Republic of Korea to stand firm with the vast majority of the states in the world on these important issues."

Floyd also stressed that the CTBTO has had strong ties with South Korea over the years, noting Seoul signed the CTBT on the first day it was opened for signature in 1996.

"That is a significant sign of the commitment of your country, and we have seen nothing less than that strong commitment (from South Korea) towards this treaty," he said. 

CTBTO chief urges N. Korea to take 'small step' in nuclear test moratorium

The Korea Times · August 9, 2023

Robert Floyd, executive secretary of the Comprehensive Nuclear-Test-Ban Treaty Organization, speaks during an interview with Yonhap News Agency at a hotel in Seoul, Aug. 9. Yonhap

The head of the international body tasked with overseeing a global ban on nuclear tests said Wednesday that he hopes to see North Korea take a "small step" in committing not to proceed with what would be its seventh nuclear test.

In an exclusive interview with Yonhap News Agency in Seoul, Robert Floyd, executive secretary of the Comprehensive Nuclear-Test-Ban Treaty Organization (CTBTO), said he hopes to see "North Korea take a small step towards building some bridges of trust and confidence with other countries."

Based in Vienna, Austria, the CTBTO is a global organization tasked with building up the verification regime of the Comprehensive Nuclear-Test-Ban Treaty (CTBT).

"It would be a helpful first step, and on that, hopefully, we could see discussions and negotiations and some level of peace and security that could actually be built upon that," Floyd said.

Pyongyang is widely believed to have been preparing to conduct what would be its seventh nuclear test, as the regime focuses on increasing the quantity of its nuclear forces and advancing related technologies.

The North conducted its sixth and last nuclear test in September 2017.

Floyd, who visited South Korea for the first time in his capacity as CTBTO executive secretary, added that he wishes to "engage with the leadership" in the North for talks on potential suspensions of nuclear tests.

"My desire is to have a conversation with them. And I would not want to prejudge anything, but to have that conversation would be a wonderful thing," he said.

Floyd, who previously worked as the director general of the Australian Safeguards and Non-proliferation Office before joining the CTBTO in 2021 as its chief, stressed that South Korea has been "involved in technical exchange and interaction with our organization to see the improvement of the international monitoring system and the international data center."

The CTBTO's global network comprises 321 monitoring stations across the world, detecting seismic vibrations and sounds in both the atmosphere and ocean, as well as radioactive isotopes to detect nuclear tests across the world.

The organization has a monitoring station in Wonju, 87 kilometers southeast of Seoul.

Robert Floyd, executive secretary of the Comprehensive Nuclear-Test-Ban Treaty Organization, speaks during an interview with Yonhap News Agency at a hotel in Seoul, Aug. 9. Yonhap

Floyd expressed confidence in the CTBTO's capacity to pick up "every seismic activity" that takes place in North Korea, saying that its system detects "even small events, such as the crumbling of the tunnels inside the Punggye-ri test site," despite not having any measuring equipment inside the North.

When asked about North Korea's evolving ballistic missile technology and its implications for the country's nuclear warhead delivery capabilities, Floyd made clear that ballistic missile development "was not our focus."

He stressed his organization's focus was to "detect any country anywhere in the world that might test a nuclear device and conduct a nuclear explosion."

The CTBTO chief also highlighted that the organization provides "objective, independent information" related to nuclear testing to all 186 signatories to the CTBT.

North Korea, India and Pakistan are the only countries among the organization's Annex-2 nations that haven't signed the treaty.

The United States, China, Israel, Iran and Egypt have signed it but have yet to ratify it.

According to a CTBTO official, more than 2,000 nuclear tests were conducted in over 60 locations between 1945 and 1996, when the CTBT was adopted for signing.

Since 1996, there have been fewer than 12 tests, of which North Korea conducted six, all since 2000, the official added.

Robert Floyd, executive secretary of the Comprehensive Nuclear-Test-Ban Treaty Organization, speaks during an interview with Yonhap News Agency at a hotel in Seoul, Aug. 9. Yonhap

"That to me is success. And the reason it's successful is because the international monitoring system, that verification mechanism, is already set up and already working," Floyd said.

On the issue of ratification of the CTBT by the U.S. and China, Floyd noted that their "decision to ratify is bound in various geo-strategic considerations."

"I would certainly welcome any initiative which would see great statesman-like leadership being displayed by China and the United States of America to move forward on a treaty such as this."

On the growing public debate in the South over whether Seoul should acquire its own nuclear weapons, Floyd said he was "encouraged" that the government has "stood rock solid firm in its position to support a strong global architecture for nonproliferation and, ultimately, disarmament of nuclear weapons."

"I'm particularly proud of the strength, the courage and the leadership of the government of the Republic of Korea to stand firm with the vast majority of the states in the world on these important issues."

Floyd also stressed that the CTBTO has had strong ties with South Korea over the years, noting Seoul signed the CTBT on the first day it was opened for signature in 1996.

"That is a significant sign of the commitment of your country, and we have seen nothing less than that strong commitment (from South Korea) towards this treaty," he said. (Yonhap)

The Korea Times · August 9, 2023

16. N. Korea wants Russian technical assistance to further nuclear program

I am recalling the following story off the top of my head. perhaps the Korea hand who described it once at a conference can correct me if I am wrong or fill in the details.

So back in the 1950s north Korea sent about 250 scientists and technicians to Moscow to study technical disciplines to support the nuclear program. Upon completion of their PhDs one of the the top students from north korea shared that the Soviets wanted him to remain in Moscow and continue studying. His comrades reported that to the nK security service and he was sent to the gulag for his lack of demonstration of personal loyalty to Kim Il Sung. Fast forward to the late 1970s or early 80s and Kim Il Sung is still having trouble developing his nuclear program. He asked the Soviet premier for help. He replied that why should the USSR help when the regime puts its best scientist in the gulag. Kim Il Sung did not know that happened. They removed him from the gulag and he went on to head the nK nuclear program. That is one indication of why the nK systems fail - the regime demands personal loyalty over competence. Security is more important than success and competence.

N. Korea wants Russian technical assistance to further nuclear program

“We need technology to miniaturize the warheads attached to delivery vehicles already deployed in the field,” a source told Daily NK

By Seulkee Jang - 2023.08.09 10:00am

dailynk.com

N. Korea wants Russian technical assistance to further nuclear program | Daily NK

A photograph from North Korean state media shows Kim Jong Un talking to the Russian defense minister at a parade celebrating the DPRK’s victory in the Korean War on July 29. (Rodong Sinmun-News1)

North Korean cadres are saying that their country’s lavish reception of a Russian delegation during a recent military parade to celebrate DPRK’s “victory” in the Korean War was aimed at obtaining Moscow’s technical cooperation in nuclear weapons development, Daily NK has learned.

During the military parade on July 27, North Korean leader Kim Jong Un stood side-by-side with Russian Defense Minister Sergei Shoigu on the podium at Kim Il Sung Square. On July 26, Kim also provided the Russian defense minister with explanations of the new weapons on display at Weapons and Equipment Exhibition 2023.

In fact, many North Korean cadres believe Pyongyang wants more from Russia than simple gifts of wheat or oil, including technology transfers or cooperation that can help in the development and operation of nuclear weapons, a source inside North Korea told Daily NK last Thursday. 

“No place has developed undersea drones like Russia,” he said, adding: “This is why [North Korea] unveiled the ‘Haeil’ unmanned underwater nuclear attack craft.”

Korea Central TV, which live broadcasted the recent celebratory military parade, described the Haeil as an “important, super-powerful absolute weapon of the Republic’s nuclear combat forces that will sink the heinous invasion ships all at once with a tidal wave of vengeance.”

However, the Haeil appears to require more technological advancement before it can be deployed in the field.

“We need technology to miniaturize the warheads attached to delivery vehicles already deployed in the field,” the source said.

While North Korea has deployed ICBMs such as the Hwasong-17 and Hwasong-18 to the country’s Strategic Force, the country does not appear to have acquired miniaturized warheads.

Based on the source’s account, that Kim Jong Un took time to talk to the Russian defense minister about the country’s strategic weapons was aimed at showing that, after receiving Russian technical help in the initial stages of nuclear development, the DPRK has made considerable progress in its independent development of nuclear weapons despite international sanctions.

Kim also intended to sound out the possibility of receiving technical cooperation from Moscow, the source claimed.

North Korea’s supply of weapons to Russia looks set to continue

Most North Korean cadres are aware that the DPRK has been providing Russia with ammunition, grenades, artillery shells and other conventional weapons since last year, receiving wheat, natural gas, oil and other forms of assistance in return.

A Daily NK interview with a high-ranking North Korean official last December confirmed that the DPRK is providing conventional weapons to Russia in return for oil and gas.

“We will sell arms to Russia this time around, too,” another Daily NK source in North Korea claimed. “Because the interlocutor [at the recent meeting] was the [Russian] defense minister, we likely asked for technical cooperation for nuclear weapons rather than economic aid.”

The Financial Times (FT) reported on July 29 that it observed the Ukrainian military attacking Russia with North Korean-made rockets that are presumed to have been taken from Russia.

According to the FT, a Ukrainian artillery unit operating a Soviet-era BM-21 Grad multiple rocket launcher recently attacked a Russian position in the hotly contested frontline city of Bakhmut in eastern Ukraine. The Ukrainian military said the North Korean rockets were being transported by ship when they were seized before they could be delivered to the Russians.

In a photo accompanying the story, “Bang-122” is written in Korean on the rocket canisters. Bang is short for bangsapo, or “multiple rocket launcher,” while the “122” indicates the caliber, in this case, 122 millimeters. 

Translated by David Black. Edited by Robert Lauler. 

Daily NK works with a network of sources who live inside North Korea, China and elsewhere. Their identities remain anonymous due to security concerns. More information about Daily NK’s reporting partner network and information gathering activities can be found on our FAQ page here.  

Please direct any comments or questions about this article to dailynkenglish@uni-media.net.

Read in Korean

Seulkee Jang

Seulkee Jang is one of Daily NK’s full-time journalists. Please direct any questions about her articles to dailynkenglish@uni-media.net.

dailynk.com

17. Two N. Korean street sellers talk about challenges they face

More evidence that Kim Jong Un is more afraid of the Korean people than he is of the ROK and US militaries. Cracking down on markets is having an effect on the people's resilience. They are losing their relief valve or safety mechanism that began in the 1990s with the rise of the people's markets and what has sustained them for nearly three decades. Now there appears to be no relief in sight. What will happen in the near and long term future? Are we prepared for the instability that might arise?

Two N. Korean street sellers talk about challenges they face

"We're miserable because we're not allowed to earn money in peace," a street seller in Yanggang Province told Daily NK

By Lee Chae Un - 2023.08.08 10:00am

dailynk.com

FILE PHOTO: Vendors and customers at the Rason Market in North Hamgyong Province. (Daily NK)

North Korean street sellers are taking a direct hit to their livelihoods as the authorities intensify their COVID-19-era curbs on streetside commerce. The intensified crackdowns is causing greater friction between street sellers and police officers.

Businesspeople who sell food or vegetables on the street do so because they cannot afford to rent booths in local markets. Placed in impoverished conditions – and unable to make a living due to continued crackdowns on their businesses – these people cannot make KPW 1,000 a day, even if they spend all day on the streets. Faced with constant harassment from the police and enforcement teams, these businesspeople are fighting back, even engaging in head-on clashes with the authorities.

Daily NK recently conducted interviews with two street sellers, one in North Hamgyong Province and the other Yanggang Province. The interviews provide insight into the poor standard of living street sellers face and how serious their friction with the police and enforcement teams has become.

One of the interviewees, an individual identified as “A” who sells vegetables on the street in North Hamgyong Province, told Daily NK that “before COVID-19, even if the state cracked down on streetside commerce, you could still make a living by steering clear of enforcement agents, except for special situations like when Central Committee inspectors came to town. But, nowadays, enforcement agents are enthusiastically cracking down on our businesses on a daily basis.”

“A” further told Daily NK that “if we have nothing in our pockets, we have to starve. You have to sell things to make money, but since we’re hunted in daily crackdowns, we can’t sell anything and are forced to take on losses. Driven to the verge of starvation, we have only anger left. So, when we’re caught in a crackdown, we fling ourselves at the enforcement agents in a suicidal sort of way. I think not a day goes by when people like me don’t fight with the enforcement agents.”

The other interviewee, an individual identified as “B” who sells rice cakes in Yanggang Province, told Daily NK that “the government gives us nothing; it’s just keen to carry out crackdowns and restrict our business activities. The authorities treat people who are forced to sell things on the street as criminals, and things are so bad that when we see police officers, we curse them as ‘people with neither blood nor tears.’”

“B” further told Daily NK that “because I have to make a living, I walk an hour to town everyday with my three-year-old child on my back. However, even before I can put out my wares, enforcement agents come up and growl at me to leave immediately. So, I wrap up my wares and move to a different place, but as soon as I start putting out my wares, enforcement agents appear out of nowhere. When I look at myself, wandering around to sell things in the blazing sun with a child on my back, I wonder why I have to live like this. When that sorrow explodes into anger, I fight with the police, foaming at the mouth.”

How much do street sellers make per day amid these contact crackdowns?

“A” told Daily NK that “you need to make more than KPW 3,000 a day to just buy corn gruel, but we can’t even make KPW 500. Since COVID-19, everyone’s lives have gotten worse. However, the lives of people who live day-to-day selling things on the street have gotten especially worse. People are exhausted and barely holding on amid crackdowns to stop them from selling things. We hit the streets despite the continued crackdowns because if we don’t earn money we can even drink water. We have to fiercely struggle just to find a way to sell things.”

Meanwhile, “B” told Daily NK that “if you make KPW 200,000 a month, you can make a living surviving on rice mixed with grain, but I make KPW 1,000 only five or so days a month. I can’t even afford gruel since it’s harder to make money because of the crackdowns.”

“B” went on to say that “rice sellers let you buy on credit for only three or four days. After that, they don’t extend you credit. Even if you make KPW 1,000 a day, that’s the price of 300 grams of corn, and it’s exceptionally rare to earn that much. So, if you’ve got no money and can’t buy on credit, the only thing left is to starve. Moreover, our neighborhood was a tough place to live to start with, and now, every family faces greater hardship than before. Some people have swollen faces from hunger, while others are just skin and bones. Some days, I’ve been hit with the scary thought that all of us are just going to die. Families that were well-off before are still doing well, while middle-class families can still eat. The problem is people like us. We’re miserable because we’re not allowed to earn money in peace.”

Translated by David Black. Edited by Robert Lauler.

Daily NK works with a network of sources who live inside North Korea, China and elsewhere. Their identities remain anonymous due to security concerns. More information about Daily NK’s reporting partner network and information gathering activities can be found on our FAQ page here.

Please direct any comments or questions about this article to dailynkenglish@uni-media.net.

Read in Korean

dailynk.com

18. How a secret plot to assassinate North Korea’s leader spiraled out of control

Some interesting history. Not every story can be a "Dirty Dozen" success (e.g., using criminals to conduct military or covert operations)

How a secret plot to assassinate North Korea’s leader spiraled out of control

South Korea enlisted criminals to seek revenge for attempt to kill president, only for plan to end in bloodshed in Seoul

https://www.nknews.org/2023/08/how-a-secret-plot-to-assassinate-north-koreas-leader-spiraled-out-of-control/?utm

Andrei Lankov August 7, 2023

SHARE

South Korean soldiers in Aug. 2014 | Image: Republic of Korea Armed Forces

In the early afternoon of Aug. 23, 1971, Seoul was in a state of emergency. A group of North Korean special forces was allegedly about to invade the city. Just past two in the afternoon, a short but intense exchange of fire took place at Yeouido, along the Han River, not far from where the National Assembly was under construction.

Soon, though, it became clear that the incident had nothing to do with North Korean commandos. Instead, mutineers from a secret South Korean military contingent known as Unit 684 had penetrated the capital before being brought to heel. Stranger still, their original mission had been to kill DPRK leader Kim Il Sung.

This bizarre episode had its roots years earlier, in a failed assassination attempt on South Korea’s president. And reexamining this often overlooked incident shines a light on a tense period in relations between the two Koreas, serving as a reminder that Seoul has not always renounced efforts to seek North Korean regime change.

OPERATION BADGER

In Jan. 1968, North Korean special forces snuck across the border and came perilously close to killing South Korean President Park Chung-hee. Only a stroke of fortune prevented the Blue House raid, as it’s come to be known, from going down in history as a massacre.

In the aftermath, President Park convened a meeting at the Blue House in late March 1968, attended by the top military commanders and the head of ROK intelligence, and they reached a consensus to execute a retaliatory operation. 

Initially, the plan was to strike the North Korean special forces base, but a more audacious idea gained traction: an attack on the residence of Kim Il Sung, the North Korean leader. 

The ROK leadership viewed this as a fitting tit-for-tat response. They tasked the South Korean air force with the operation, as the original plan was to airdrop the commandos near Kim Il Sung’s residence. 

Seoul decided its reprisal forces would be made up of 31 elite soldiers to match the number North Koreans sent to the Blue House. The operation received the codename Operation Badger, and then-head of the Korean Central Intelligence Agency Kim Hyeong-uk and air force chief Chang Chi-riang enthusiastically supported the plan.

Old radio equipment | Image: NK News

INTENSE AND GRUELING 

Throughout the 1960s, South Korea occasionally deployed reconnaissance teams into North Korean territory. A training center for these teams was situated on Silmi Island, an islet near Incheon, and the ROK military chose the island to serve as the base for Unit 684, which it created to prepare for and conduct the retaliatory raid.

Given the nature of the mission, it was apparent that the chances of the commandos’ survival were slim to none. While suicidal missions have been undertaken throughout history, usually volunteers are recruited who are willing to sacrifice their lives for ideological or patriotic reasons.

In the late 1960s, with memories of the Korean War still vivid, it would have been possible to find such volunteers. However, the South Korean military opted for a rather unconventional route: They recruited individuals with criminal backgrounds or those in desperate circumstances.

These recruits were referred to as “trainees” or “operatives” and were distinct from the regular soldiers of the South Korean armed forces. ROK officers oversaw Unit 684 and subjected the operatives to harsh treatment, including physical abuse. In one instance, as early as June 1968, two trainees tried to escape but were captured and beaten to death.

Training for Unit 684 was intense and grueling. The operatives received instruction in small unit tactics, map reading, handling explosives and radio equipment, as well as various survival skills. They underwent extensive firearms training and hand-to-hand combat exercises. 

The military also constructed a replica of Kim Il Sung’s residence based on aerial photographs, which was then used for mock infiltration exercises.

The infiltration plan itself was highly unconventional. After considering various options, air force analysts concluded that using aircraft was not viable as North Korean air defense radars would detect them. Instead, military planners made the decision to approach Kim Il Sung’s residence using a large balloon.  

By the end of 1968, preparations were complete. However, at the 11th hour, the commanding officers of Unit 684 were informed that the operation might be postponed or even canceled. 

One contributing factor was a change in personnel among the leadership. Many of the fervent supporters of Operation Badger, including Kim Hyeong-uk of the Korean CIA and Chang Chi-riang of the air force, had departed from their top positions in the military and intelligence bureaucracy.

There were likely other considerations as well. The viability of Operation Badger was questionable at best. When North Korea carried through the Blue House raid in 1968, Pyongyang leaders were operating under the assumption that South Korea was on the brink of revolution and that the assassination of Park Chung-hee would create chaos to be exploited by the revolutionary forces. 

This assumption could have been misguided, but there was a certain logic behind it. 

In contrast, even if Operation Badger killed Kim Il Sung, it was unlikely to bring about significant changes in North Korea. Kim’s successor would likely have been one of his trusted comrades, ensuring that the country remained on the same course. 

Grenades and bullets | Image: Pixabay

THIRST FOR REVENGE 

In the initial stages, the driving force behind Operation Badger was a thirst for revenge, an intense but not necessarily rational motive. 

By 1969, emotions had cooled and the leadership in Seoul was likely able to evaluate the situation more objectively. Intriguingly, some people who have closely studied the Silmi Island affair have posited that Operation Badger might have been a ruse, intended solely to appease Park Chung-hee by demonstrating to him that the South Korean military was prepared to retaliate. This theory might explain why Unit 684 was composed of individuals considered expendable.

With the change in circumstances, conditions at the Silmi Island base worsened. Food became scarce and rice turned into a luxury. In Oct. 1969, another trainee managed to escape but was quickly apprehended and beaten to death. This incident foreshadowed the grim events that were about to unfold.

In Nov. 1970, three trainees fled Silmi Island, grabbing what they thought were hand grenades. They went to nearby Muuui Island, where they abducted and raped two local women. The authorities were alerted, and soldiers from Unit 684 were dispatched to apprehend the deserters. 

Upon realizing they were surrounded, the fugitives took additional hostages — nine students and a teacher from a school on the island. Then the two would-be North Korea infiltrators realized they made a mistake: Instead of hand grenades, they had stolen useless smoke bombs. 

Facing the prospect of a brutal end if captured, the escapees attempted suicide with oyster knives, the only weapons they could find. They failed and were captured, then brutally killed — two were beaten to death and one was beheaded. Nobody cared about legal formalities.

This bizarre episode brings into question the rationale behind recruiting criminals for Unit 684. The mission required individuals with not only physical capabilities but also the mental fortitude, vigilance and planning skills to undertake yearslong training and isolation. 

The use of criminals in military operations, such as the French Foreign Legion or Wagner Group in Russia, usually involves them being under the supervision of professional officers. So the decision to recruit these people was either a strange mistake, or a sign that those who suggested Operation Badger did not take it seriously.

Following the Muui Island incident, it was evident that something needed to be done regarding Unit 684, which had outlived its initial purpose. But discussions dragged on without resolution. 

A publicity still from the movie “Silmido” (2003) | Image: CJ ENM

A STRANGE MISTAKE?

Meanwhile, the trainees began to view themselves more as prisoners with indefinite sentences. And this led to the events of Aug. 23, 1971, when a mutiny erupted on Silmi Island.

The trainees, again demonstrating short-term planning capacities but lacking a long-term strategy, launched a surprise attack on the regular soldiers stationed on the island at around 6 a.m. They killed most soldiers, with only six surviving by hiding. 

The mutineers then fled the island and commandeered a bus near Incheon around 1 p.m., making their way to Seoul with the intent to assassinate Park Chung-hee, whom they blamed for their plight. Ironically, Unit 684, initially established to assassinate Kim Il Sung, culminated in a desperate attempt to kill Park Chung-hee.

News of the Silmi Island mutiny had reached Seoul, and the police and military were prepared for a confrontation. As Unit 684’s existence was a state secret, authorities claimed that North Korean special forces were attempting to infiltrate the city — an entirely plausible claim at the period. 

The bus was intercepted on Yeouido, then on the outskirts of Seoul city proper along the Han River, at 2:20 p.m. A firefight ensued, and the outcome was inevitable. Four trainees were killed in action, two succumbed to their injuries, 14 committed suicide and the remaining four were captured and later executed. Six civilians and two police officers were killed in the crossfire.

Despite government efforts to control the narrative, it soon became known that the armed conflict involved a mutiny by special forces who had been trained for operations against North Korea. 

But the full details of the incident remained concealed until the 1990s. The story gained widespread attention after the release of the film “Silmido” in 2003, which attracted over 10 million viewers. 

Even today, many official documents related to the incident remain classified and beyond reach. The families of the trainees only received formal death notifications in 2006, and in May this year, Seoul’s defense ministry announced that it would excavate the remains of four of the operatives as part of an investigation into the incident.

Edited by Arius Derr

De Oppresso Liber,

David Maxwell

Vice President, Center for Asia Pacific Strategy

Senior Fellow, Global Peace Foundation

Editor, Small Wars Journal

Twitter: @davidmaxwell161

Phone: 202-573-8647

email: david.maxwell161@gmail.com