Security Market Segment LS
Thursday, 26 April 2018 05:12

N. Korea Net use shifts from Western to Chinese sites: study

By

Use of the Internet in North Korea, limited as it is to elite circles, has now shifted from sites commonly used in the West to mainly Chinese sites like Alibaba, Tencent and Baidu, according to a report from security and intelligence vendor Recorded Future.

The company issued an updated analysis of a study on North Korean Internet use by former NSA analyst Priscilla Moriuchi on Thursday Australian time, following up on a study issued in July last year. Moriuchi now works for Recorded Future as part of its Insikt Group.

Last year's study had found that "North Korea’s ruling elite were plugged into contemporary Internet society, were technologically savvy, and had patterns of internet use that were very similar to users in the West".

That appears to have changed in the period between December 2017 and March 2018, with Moriuchi writing, "North Korean leadership nearly totally abandoned Western social media and significantly increased their operational security procedures in the six months since our original analysis". The use of Western social media sites has been officially banned in North Korea since April 2016.

The release of the data comes a day ahead of scheduled inter-Korean talks on Friday. The analysis covers the period December 2017 to 15 March, "because it represented a period of transition and intensified intra-Korean dialogue in advance of the February 2018 Winter Olympics in South Korea".

Recorded Future found that Internet use was still limited to a small group in Pyongyang, these being the most senior leaders and ruling elite.

But the country has an internal network called Kwangmyong which connects libraries, universities, and government departments and is slowly making its way into homes of better-off citizens. It houses a number of domestic websites, an online learning system, and email.

"What is most striking about the social media activity from the December 2017 through March 2018 dataset is the near absence of Facebook and Instagram activity, and the significant increase in use of Chinese services," the study noted.

Access to the Internet is through three methods:

Via their allocated .kp range, 175.45.176.0/22 (Intel Card), which also hosts the nation’s only Internet-accessible websites. These include nine top-level domains such as co.kp, gov.kp, and edu.kp, and approximately 25 subdomains for various North Korean state-run media, travel, and education-related sites.

Via a range assigned by China Netcom, 210.52.109.0/24.

Through an assigned range, 77.94.35.0/24, provided by a Russian satellite company, which resolves to SatGate in Lebanon.

Other interesting aspects found during analysis of the date are:

Over the course of six months, North Korean elite increased their use of Internet obfuscation services by 1200%. This includes a dramatic increase in services such as VPNs, Virtual Private Servers, Transport Layer Security, and The Onion Router.

Two more countries, Thailand and Bangladesh, showed North Koreans were likely living there and conducting illicit revenue-generation activities. This is in addition to eight nations discovered in 2017, including India, Malaysia, New Zealand, Nepal, Kenya, Mozambique, Indonesia and China. Activity in Malaysia and New Zealand decreased since the July 2017 study.

There was no noticeable increase in mining cryptocurrencies compared to the first study. However, the new data found that in addition to bitcoin, the North Koreans had also started mining monero.

The study found that the following online games were used by the North Korean elite:

  • 0AD: Empires Ascendant;
  • Ace of Spades;
  • Quake;
  • The Marathon trilogy games;
  • Armed Assault 1-3;
  • World of Warcraft;
  • Cube 2: Sauerbraten;
  • Diablo 2;
  • League of Legends;
  • Second Life; and
  • Accounts and games on Steam.

It said: "(This) could give researchers leads on which games overseas North Korean hackers are exploiting to generate revenue for the regime. It is not clear how much of this type of revenue generation is conducted from territorial North Korea.

"However, it is clear that overseas operators would often develop bots or gaming hacks for platforms and services which with they were already familiar."

CHIEF DATA & ANALYTICS OFFICER BRISBANE 2020

26-27 February 2020 | Hilton Brisbane

Connecting the region’s leading data analytics professionals to drive and inspire your future strategy

Leading the data analytics division has never been easy, but now the challenge is on to remain ahead of the competition and reap the massive rewards as a strategic executive.

Do you want to leverage data governance as an enabler?Are you working at driving AI/ML implementation?

Want to stay abreast of data privacy and AI ethics requirements? Are you working hard to push predictive analytics to the limits?

With so much to keep on top of in such a rapidly changing technology space, collaboration is key to success. You don't need to struggle alone, network and share your struggles as well as your tips for success at CDAO Brisbane.

Discover how your peers have tackled the very same issues you face daily. Network with over 140 of your peers and hear from the leading professionals in your industry. Leverage this community of data and analytics enthusiasts to advance your strategy to the next level.

Download the Agenda to find out more

DOWNLOAD NOW!

Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

VENDOR NEWS & EVENTS

REVIEWS

Recent Comments