Lim­ited ac­cess: North Korea goes on­line

Be­ing con­nected doesn’t mean more free­dom for those liv­ing un­der Kim Jong Un, writes Eric Tal­madge

Weekend Herald - - World -

Ever so cau­tiously, North Korea is go­ing on­line. Doc­tors can con­sult via live, on­line video con­fer­enc­ing, and lec­tures at pres­ti­gious Kim Il Sung Uni­ver­sity are streamed to far­away fac­to­ries and agri­cul­tural com­munes. Peo­ple use on­line dic­tio­nar­ies and text each other on their smart phones. In the wal­lets of the priv­i­leged are “Jon­song” or “Narae” cards for e-shop­ping and on­line bank­ing. Cash reg­is­ters at ma­jor depart­ment stores are plugged into the web.

It’s just not the world wide web. This is all done on a tightly sealed in­tranet of the sort a medium-sized com­pany might use for its em­ploy­ees.

The free flow of in­for­ma­tion is anath­ema to au­thor­i­tar­ian regimes, and with the pos­si­ble ex­cep­tion of the African dic­ta­tor­ship of Eritrea, North Korea is still the least in­ter­net-friendly coun­try on Earth. Ac­cess to the global in­ter­net for most is unimag­in­able. Hardly any­one has a per­sonal com­puter or an email ad­dress that isn’t shared, and the price for try­ing to get around the Gov­ern­ment’s rules can be se­vere.

But for Kim Jong Un, the coun­try’s first leader to come of age with the in­ter­net, the idea of a more wired North Korea is also at­trac­tive. It comes with the po­ten­tial for great ben­e­fits to the na­tion from in­for­ma­tion tech­nol­ogy — and for new forms of so­cial and po­lit­i­cal con­trol that prom­ise to be more ef­fec­tive than any­thing his fa­ther and grand­fa­ther could have dreamed of. It also al­lows for the pos­si­bil­ity of cy­ber­at­tacks on the West.

Py­ongyang’s so­lu­tion is a twotiered sys­tem where the trusted elite can surf the in­ter­net with rel­a­tive free­dom while the masses are kept in­side the na­tional in­tranet, painstak­ingly sealed off from the out­side world, metic­u­lously surveilled and built in no small part on pil­fered soft­ware.

The regime cre­ated, in other words, an on­line ver­sion of North Korea it­self.

Surf­ing the in­tranet

Ris­ing from Ssuk Is­land in the Tae­dong River, which di­vides Py­ongyang east and west, is a build­ing shaped like a colos­sal atom.

The “knowl­edge sec­tor” is a key pri­or­ity for Kim Jong Un, and the sprawl­ing, glassy Sci-Tech Com­plex, a cen­tre for the dis­sem­i­na­tion of science-re­lated in­for­ma­tion through­out the coun­try, is one of his sig­na­ture de­vel­op­ment projects. It houses North Korea’s big­gest e-li­brary, with more than 3000 ter­mi­nals where fac­tory work­ers par­tic­i­pate in tele-learn­ing, kids in their bright red scarves watch car­toons and uni­ver­sity stu­dents do re­search.

Pak Sung Jin, a 30-year-old post­grad­u­ate in chem­istry, came to work on an es­say. It’s a week­day and the e-li­brary is crowded.

Un­like most North Kore­ans, Pak has some ex­pe­ri­ence with the in­ter­net, though on a su­per­vised, need-only ba­sis. If Pak needs any­thing from the in­ter­net, ac­cred­ited uni­ver­sity of­fi­cials will find it for him. As a scholar and a sci­en­tist, Pak says, it’s his pa­tri­otic duty to be on top of the most up-to­date re­search.

To­day, he is re­ly­ing on the in­ter­net’s North Korean al­ter ego, the na­tional in­tranet. Be­low a red la­bel that states his black “Ul­lim” desk­top com­puter was do­nated by Dear Re­spected Leader Kim Jong Un, what’s on Pak’s screen is for North Korean eyes only. The IP ad­dress,, in­di­cates he’s on the walled-off net­work North Kore­ans call “Kwangmy­ong”, which means bright­ness or light.

Us­ing the “Nae­nara” browser — the name means “my coun­try” but it’s a mod­i­fied ver­sion of FireFox — Pak vis­its a restau­rant page, his uni­ver­sity web­site, and cook­ing and on­line shop­ping sites.

There are very few ac­tual sites on Kwangmy­ong. An of­fi­cial at the SciTech Cen­tre said they num­ber 168.

They are spread across sep­a­rate net­works for gov­ern­ment agen­cies, schools and li­braries, and com­pa­nies. It’s all do­mes­ti­cally run, though gov­ern­ment-ap­proved con­tent culled from the in­ter­net can be posted by ad­min­is­tra­tors, pri­mar­ily for re­searchers like Pak.

North Korea’s na­tional in­tranet con­cept is unique and ex­treme even when com­pared with other in­for­ma­tion-wary coun­tries. China and Cuba, for ex­am­ple, are well known for the ex­tent of con­trol the Gov­ern­ment ex­erts over what ci­ti­zens can see. But that is done pri­mar­ily through cen­sor­ship and block­ing, not com­plete sep­a­ra­tion.

Like most North Korean com­put­ers, the desk­tops at the SciTech Com­plex run on the “Red Star” op­er­at­ing sys­tem, which was de­vel­oped by the Korea Com­puter Cen­tre from Linux open-source cod­ing.

Red Star 3.0 has the usual wid­gets: the Nae­nara browser, email, a cal­en­dar and time zone set­tings, even “kPhoto” (with an icon that looks a lot like iPhoto). Older ver­sions fea­tured a Win­dows XP user in­ter­face but it now it has a Mac de­sign, right down to the “spin­ning beach ball” wait icon.

Ver­sions of Red Star that have made it out of North Korea and into the hands of for­eign cod­ing ex­perts also re­veal some rather sin­is­ter, and for most users in­vis­i­ble, fea­tures.

Any at­tempt to change its core func­tions or dis­able virus check­ers re­sults in an au­to­matic re­boot cy­cle. Files down­loaded from USBs are wa­ter­marked so that au­thor­i­ties can iden­tify and trace crim­i­nal or sub­ver­sive ac­tiv­ity, a se­cu­rity mea­sure that takes aim at the spread of unau­tho­rised con­tent from South Korea, China and else­where.

Red Star also uses a trace viewer that takes reg­u­lar screen­shots of what is be­ing dis­played. The screen­shots can’t be deleted or ac­cessed by the typ­i­cal user but are avail­able for check­ing if a trained gov­ern­ment of­fi­cial de­cides to take a look.

The Aza­lea smart phone and the Ry­onghung iPad

The most com­mon on­line ex­pe­ri­ence for North Kore­ans isn’t on a lap­top or desk­top. It’s on a smart phone.

A decade ago, only a small cadre of se­lect regime and mil­i­tary of­fi­cials had ac­cess to smart phones. Now, ac­cord­ing to the main provider’s most re­cent fi­nan­cial re­ports, there are an es­ti­mated 2.5-3 mil­lion mo­bile phones in North Korea, a coun­try of

25 mil­lion.

The rapid spread of mo­bile phones is one of the big­gest suc­cess sto­ries of the Kim Jong Un era. Af­ter a cou­ple of false starts, the North’s foray into mo­bile tele­coms be­gan in earnest in

2008 un­der Kim Jong Il. But it has truly blos­somed over the past five years with the in­tro­duc­tion of 3G ser­vices, thanks in large part to two for­eign in­vestors — Lox­ley Pa­cific of Thai­land and Egypt’s Oras­com Tele­com Me­dia and Tech­nol­ogy.

Like the walled-off in­tranet, North Korea’s phones deny ac­cess to the out­side world.

Lo­cal phones al­low North Kore­ans to call and text each other, play games, surf the do­mes­tic in­tranet and ac­cess some other ser­vices. Users have hun­dreds of ring tones to choose from, and can get weather up­dates, look words up in dic­tio­nar­ies and snap self­ies. But they can­not re­ceive or place calls to num­bers out­side that net­work — the rest of the world, in other words.

It’s easy enough for North Kore­ans to buy phones, though the phones must be reg­is­tered and ap­proved. A good “Py­ongyang” or “Ari­rang” model smart phone costs from US$200 ($287) to US$400. More ba­sic phones go for much less, es­pe­cially if the phone is sec­ond-hand.

On the sec­ond floor of the Pot­tong­gang IT cen­tre, a clerk stands be­hind a glass dis­play cab­i­net filled with tablets and USB flash drives. Signs on the wall be­hind her ad­ver­tise anti-virus soft­ware and apps to put on mo­bile phones, which they can do by Blue­tooth at the store. One of the most pop­u­lar apps is a role play­ing game based on Boy Gen­eral, a lo­cally cre­ated hit anime se­ries. It costs US$1.80.

For­eign­ers in North Korea are rel­e­gated to a dif­fer­ent net­work and can­not make calls to, or re­ceive calls from, lo­cal num­bers. They can buy lo­cal phones if they want, but the de­vices will be stripped of the apps and fea­tures that they nor­mally carry and se­curely coded so that the apps can’t be added on later. Wi-fi use is banned for North Kore­ans, and tightly re­stricted and mon­i­tored to block sur­rep­ti­tious pig­gy­back­ing on for­eign­ers’ sig­nals.

North Korea un­doubt­edly im­ports and re­brands some of its IT prod­ucts. But over the past few months, two com­pa­nies have gen­er­ated quite a stir among Ap­ple fans with prod­ucts billed to be wholly do­mes­tic: the “Jin­dal­lae (Aza­lea) III” mo­bile phone and the “Ry­onghung iPad”. The gad­gets’ in­sou­ciant sim­i­lar­ity to Ap­ple prod­ucts, and the flat-out ap­pro­pri­a­tion of the “iPad” name, isn’t es­pe­cially sur­pris­ing. Kim Jong Un likes Ap­ple prod­ucts — he has been pho­tographed with a MacBook Pro on his pri­vate jet, and even had a 21-inch iMac on the desk be­side him when state me­dia showed him re­view­ing a nu­clear “US main­land strike plan” four years ago.

It seems North Korean coders have also lifted some ideas from Ap­ple.

Out­side ex­perts be­lieve a pro­gram sim­i­lar to what Ap­ple uses in its OS X and iOS is be­lieved to be the ba­sis of the booby-trap that thwarts at­tempts to dis­able se­cu­rity func­tions in Red Star.

Wired elites and cy­ber­sol­diers

While block­ing off the masses, North Korea al­lows more in­ter­net ac­cess to a small seg­ment of so­ci­ety, in­clud­ing the coun­try’s elite and its cy­ber­sol­diers.

To cre­ate a snap­shot of the on­line be­hav­iour of the elite, US-based cy­ber threat in­tel­li­gence com­pany Recorded Fu­ture and Team Cymru, a non-profit in­ter­net se­cu­rity group, an­a­lysed ac­tiv­ity in IP ranges be­lieved to be used by North Korea from April to July this year. They found that the lim­ited num­ber of North Kore­ans with ac­cess to the in­ter­net are much more ac­tive and en­gaged in the world and with con­tem­po­rary ser­vices and tech­nolo­gies than many out­siders had pre­vi­ously thought, ac­cord­ing to Priscilla Mo­ri­uchi, Recorded Fu­ture’s di­rec­tor of strate­gic threat de­vel­op­ment and a for­mer NSA agent. “North Korean lead­ers are not dis­con­nected from the world and the con­se­quences of their ac­tions,” she said.

How deep the ac­cess goes isn’t known. Recorded Fu­ture and Team Cymru of­fi­cials con­tacted by the AP re­fused to com­ment on de­tails of their dataset, in­clud­ing how many “elite” users were ob­served and how for­eign tourists or res­i­dents in the North were ex­cluded.

Even so, it stands to rea­son at least some mem­bers of the North Korean lead­er­ship have the ac­cess they need to keep up on world events and that spe­cial­ist agents are al­lowed to mon­i­tor and cull in­tel­li­gence from the in­ter­net.

There is also strong ev­i­dence that North Korea al­lows peo­ple in­volved in hack­ing or cy­ber oper­a­tions the ac­cess nec­es­sary for a deep en­gage­ment in cy­ber­at­tacks and cy­ber­crime.

Ac­cord­ing to the FBI, the North’s big­ger hacks in­clude the re­cent Wan­naCry ran­somware at­tack, which in­fected hun­dreds of thou­sands of com­put­ers in May and crip­pled parts of Bri­tain’s Na­tional Health Ser­vice. It has been linked to at­tacks on the Bangladeshi cen­tral bank last year and on banks in South Korea go­ing back to 2013. There was also the 2014 hack of Sony Pic­tures over the re­lease of The In­ter­view, a black com­edy that graph­i­cally por­trayed Kim Jong Un be­ing killed. US au­thor­i­ties re­cently dubbed North Korea’s cy­ber pres­ence “Hid­den Co­bra”. Weapon­is­ing cy­berspace is a log­i­cal op­tion for the North be­cause it can be done at rel­a­tively low cost and at the same time de­nied, ac­cord­ing to a Con­gres­sional re­port sub­mit­ted in Au­gust.

Py­ongyang has de­nied hack­ing al­le­ga­tions, but the abil­ity to carry out so­phis­ti­cated cy­ber oper­a­tions is a pow­er­ful mil­i­tary weapon in the hands of a state. Just as as­suredly as North Korea is de­vel­op­ing its nu­clear and mis­sile ca­pa­bil­i­ties, most ex­perts as­sume, it’s hon­ing its cy­ber war­fare tool box.

Beau Woods, the deputy di­rec­tor of the Cy­ber State­craft Ini­tia­tive at the At­lantic Coun­cil, cau­tioned of a “pre­pon­der­ance of ques­tion marks” re­gard­ing North Korea’s cy­ber skills. But he warned of how po­ten­tially dev­as­tat­ing a more cy­ber-ac­tive North Korea could be.

Those con­cerns are turned on their head back at the Sci-Tech Cen­tre in Py­ongyang.

Pak, the chemist, sup­ports the of­fi­cial line in North Korea that the in­creas­ing dan­ger of cy­ber­at­tacks and slan­der­ous in­ter­net pro­pa­ganda comes from the US against Py­ongyang. “Don’t you see how se­vere the anti-Repub­lic slan­der of our en­e­mies on the In­ter­net is?” Pak said, al­though the restric­tive poli­cies make it dif­fi­cult for him to carry out his re­search. “There are a lot of cases where the in­ter­net is be­ing used to raise hos­til­ity against us.”

Pic­tures / AP

Even when us­ing your smart phone in North Korea you can ex­pect some­one to be watch­ing you.

Py­ongyang’s Sci-Tech Com­plex houses North Korea’s big­gest e-li­brary, with more than 3000 ter­mi­nals.

Newspapers in English

Newspapers from New Zealand

© PressReader. All rights reserved.