“Given North Korea’s bleak economic outlook, CNO may be seen as a cost-effective way to modernize some North Korean military capabilities,” the report assesses. “The North Korean regime may view CNO as an appealing platform from which to collect intelligence.”

North Korea appears to be feeling its way around in the dark of the internet and seeing what it can get away with. Since 2009, the Pentagon says, the North Koreans are believed to have targeted the servers of a major South Korean bank to erase customer records and render its online services inaccessible. Pyongyang likely DDOS’d a bunch of South Korean government and private websites over the last several years. Just last month, while tensions on the Korean Peninsula spiked, Seoul accused Pyongyang of infecting tens of thousands of computers used by the South’s banking and television industries with malware.

Back in April, he website of the U.S. military command on the Korean peninsula briefly went offline — and fueled suspicion that Pyongyang was to blame. Interestingly, the Pentagon stops short of blaming North Korea for the outage.

All this is commensurate with what the Pentagon sees as a broader pattern in North Korea’s military development: developing its unconventional prowess — like nuclear weapons and experimental long-range missiles — to compensate for its aged, creaking conventional forces.