View text source at Wikipedia

Reconnaissance General Bureau

Reconnaissance General Bureau
정찰총국

The Reconnaissance General Bureau participated the military parade in February 2023
Intelligence agency overview
Formed2009
Preceding Intelligence agency
Minister responsible
  • Ri Chang-ho
Parent departmentGeneral Staff Department of the Korean People's Army (partially)
정찰총국
Hangul
정찰총국
Hanja
偵察總局
Revised RomanizationJeongchal Chongguk
McCune–ReischauerChŏngch'al Ch'ongguk

The Reconnaissance General Bureau (Korean정찰총국; RGB), part of the General Staff Department, is a North Korean intelligence agency that manages the state's clandestine operations.[1] Most of their operations have a specific focus on Japan, South Korea, and the United States.[2] It was established in 2009.[2][3]

The RGB is regarded as North Korea's primary intelligence and clandestine operations organ.[4] Although its original missions have traditionally focused on clandestine operations such as commando raids, infiltrations and disruptions, the RGB has since come to control most of the known North Korean cyber capabilities, mainly under Bureau 121 or its speculated successor, the Cyber Warfare Guidance Bureau.[4]

It was headed at one time by Kim Yong-chol as the first head of the RGB.[5][6]

History

[edit]

It is the direct successor of the General Staff Department of the Korean People's Army's Reconnaissance Bureau (Korean: 정찰국)[7] (which was responsible for several North Korean acts of espionage such as the 1996 Gangneung submarine infiltration incident[8]). In addition, two former offices of the Central Committee of the Workers' Party of Korea (WPK) were moved into the Reconnaissance General Bureau, namely the WPK's External Investigations and Intelligence Department (Korean: 조선노동당 대외정보조사부), also known as Office 35, and the WPK's Operations Department, which was responsible for kidnapping foreign nationals during the Cold War.[9][3][10]

The RGB was established in 2009 to consolidate various intelligence and special operations agencies of the North Korean government, meaning that units previously tasked with "political warfare, foreign intelligence, propaganda, subversion, kidnapping, special operations, and assassinations" were merged into one single organization.[11]

In August 2010, an RGB agent posing as a defector was caught by South Korean police for planning to assassinate Hwang Jang-yop, who had defected from North Korea in 1997. The previous month two North Korean spies had been imprisoned for plotting to murder Hwang.[12] North Korea denied involvement, but the later defector "Kim Kuk-song" said that he had personally directed the July 2010 operation.[13] "Kim" also said "I can tell you that North Korean operatives are playing an active role in various civil society organisations as well as important institutions in South Korea.".[13]

A defector, a former senior colonel known by the pseudonym Kim Kuk-song, whose identity has been verified by the BBC, had a senior position in the RGB until 2014, and revealed much information about the Bureau's activities in a 2021 interview with the BBC.[13]

On October 31, 2017, two suspects were arrested by Public Security police in Beijing in an attempt to assassinate Kim Han-sol.[14] They were part of a seven-man team sent by the RGB.[15]

On November 12, 2021, an alleged RGB agent led an operation in Japan to illegally obtain foreign currency to shore up the North Korean economy by ordering two South Korean nationals to conduct a business that was against their official status of residence.[16]

On February 15, 2022, an upcoming UN report mentions that the RGB is involved in running several service-related industries throughout Cambodia.[17]

Cyberwarfare Operational Role

[edit]

The foundations for North Korean cyber operations were built in the 1990s, after North Korean computer scientists returned from travel abroad proposing to use the Internet as a means to spy on enemies and attack militarily superior opponents such as the United States and South Korea. Subsequently, students were sent abroad to China to participate in top computer science programs.[18]

The cyberwarfare unit was elevated to top priority in 2003 following the US invasion of Iraq.[18]

Organization

[edit]

The structure of the RGB is as follows as of 2021:[1][19]

Department Mandate
First Department Training and technical assistance
Second Department Military intelligence
Third Department Signals intelligence and computer hacking
Fifth Department Known as Bureau 35, deals with foreign intelligence, including South Korea. Suspected of conducting the assassination plot on Kim Jong-nam
Sixth Department Military contacts/policy guidelines
Seventh Department Logistics
Bureau 121[20][21] RGB's main cyberwarfare unit. Said to be placed under its control after 2013.[22]

Command

[edit]

Reconnaissance missions are also partially overseen by the General Staff Department (GSD) of the Korean People's Army (KPA). As of 2014, experts argued that "North Korea does not seem to have yet organized these units into an overarching Cyber Command."[11]

The RGB appears to report directly to the National Defence Commission, as well as Kim Jong-un as the supreme commander of the KPA.[11]

Methods

[edit]

Until 2017, many North Korean spies were arrested in South Korea. But far fewer were arrested in the following years, apparently as the North started using new technologies rather than old-fashioned spying. In particular, high-profile defectors warned that Pyongyang had created a body of 6,000 skilled hackers.[13]

See also

[edit]

References

[edit]
  1. ^ a b Lankov, Andrei (1 May 2017). "On the Great Leader's Secret Service: North Korea's intelligence agencies". NK News. Korea Risk Group. Archived from the original on 31 July 2018.
  2. ^ a b "Kim Jong-nam: Who in North Korea could organise a VX murder?". BBC News. 24 February 2017. Retrieved 13 May 2017.
  3. ^ a b Jun, Jenny; LaFoy, Scott; Sohn, Ethan (2015). North Korea's Cyber Operations: Strategy and Responses. Center for Strategic and International Studies report. Lanham, Maryland: Rowman & Littlefield. p. 39. ISBN 978-1-4422-5903-4.
  4. ^ a b "North Korea's Cyber Operations: Strategy and Responses" (PDF). Center for Strategic and International Studies. Archived from the original (PDF) on 25 October 2019. Retrieved 16 October 2017.
  5. ^ "North Korea Is Sending Military Hardliner Kim Yong Chol to the Olympic Closing Ceremony. Here's What to Know". Time. Retrieved 3 March 2018.
  6. ^ "N Korea to send general to Olympics". BBC News. 22 February 2018. Retrieved 3 March 2018.
  7. ^ "38 North Special Report: A New Emphasis on Operations Against South Korea?" (PDF). 38 North.
  8. ^ "In 1996, a Dead North Korean Spy Submarine (Armed with Commandos) Nearly Started a War". Center for the National Interest. 13 March 2017.
  9. ^ Gause, Ken E. (2006). North Korean Civil-military Trends: Military-first Politics to a Point. Carlisle Barracks, Pennsylvania: Strategic Studies Institute, U.S. Army War College. p. 28. ISBN 978-1-58487-257-3.
  10. ^ Gause, Ken E. (2013). "The Role and Influence of the Party Apparatus". In Park, Kyung-ae; Snyder, Scott (eds.). North Korea in Transition: Politics, Economy, and Society. Rowman & Littlefield. pp. 19–46. ISBN 978-1442218123.
  11. ^ a b c "The Organization of Cyber Operations in North Korea" (PDF). Center for Strategic and International Studies. Archived from the original (PDF) on 30 June 2019. Retrieved 16 October 2017.
  12. ^ "S Korea arrests 'N Korean agent'". Al Jazeera. 20 October 2010.
  13. ^ a b c d Bicker, Laura (11 October 2021). "Drugs, arms, and terror: A high-profile defector on Kim's North Korea". BBC News. The BBC cannot independently verify [Kim Kuk-song's] claims, but we have managed to verify his identity and, where possible, found corroborating evidence for his allegations.
  14. ^ Ryall, Julian (30 October 2017). "China 'detains North Korean assassins seeking Kim Jong-un's dissident nephew Kim Han-sol'". The Daily Telegraph. Retrieved 7 September 2018.
  15. ^ "Chinese police foil assassination plot on Jong Nam's son". Free Malaysia Today. 31 October 2017. Retrieved 7 September 2018.
  16. ^ "2 South Koreans nabbed in Japan part of North Korea cash operation: Sources". Archived from the original on 12 November 2021.
  17. ^ "North Korean spy ran hotels, casinos and travel agency in Cambodia: UN report". NK News. Archived from the original on 15 February 2022. Retrieved 22 February 2022.
  18. ^ a b Sanger, David E.; Kirkpatrick, David D.; Perlroth, Nicole (15 October 2017). "The World Once Laughed at North Korean Cyberpower. No More". The New York Times. ISSN 0362-4331. Retrieved 16 October 2017.
  19. ^ Ji Young, Kong; Jong In, Lim; Kyoung Gon, Kim. The All-Purpose Sword: North Korea's Cyber Operations and Strategies (PDF). 2019 11th International Conference on Cyber Conflict: Silent Battle (Report). NATO.
  20. ^ "FDD | Kim Jong Un's 'All-Purpose Sword'". 3 October 2018.
  21. ^ https://www.hhs.gov/sites/default/files/dprk-cyber-espionage.pdf [bare URL PDF]
  22. ^ [1] [bare URL PDF]