A raid last week by South Korean military investigators on the nation’s Cyber Command wasn’t just an unwelcome embarrassment for the unit tasked with waging digital war against the North. It also signaled that an August attack on the military’s intranet by Pyongyang’s elite military hackers may have wreaked more damage than initially thought.
Details of the attack have been leaking out since September. After playing down the risk of a serious breach, South Korean officials have since admitted that 3,200 computers had been hacked – including 700 connected to the military’s intranet and one used by the Defense Minister. As of last week’s raid, they were still unsure of how much data had been compromised, according to local media reports.
The breach of security in the core cyberwarfare infrastructure of a key member of the US-led Pacific military alliance is all the more surprising given that South Korea is one the world’s most electronically advanced societies. Then again, as demonstrated by the ongoing row over Russian hacking and by US complaints over China’s behavior, the West faces a formidable digital threat from adversaries with only a fraction of its resources at their disposal.
South Korea’s government estimates its economy is about 22 times bigger than the North’s, which has shriveled after decades of mismanagement and the effects of international sanctions. The North, so the accepted narrative goes, is a land of famine, grinding poverty and shortages; at nighttime, observed from space, it’s a dark blot.
Confirmation of this picture appeared to come in September, when the world was given a rare glimpse inside the North Korean intranet after a server was accidentally configured to allow anyone to request a list of its domain names (.com, .gov and .org are examples of domain names).
Matthew Bryant, a security engineer at Uber, just happened to have a program running that automatically captured all the .kp domains — 28 of them, including sites for national carrier Air Koryo and the Korea Central News Agency. This spawned widespread reports that the country only has “28 websites.” As one redditor dryly pointed out, Grand Theft Auto 5 has 83.
But, as so often with North Korea, the truth isn’t so straightforward.
“Reports referred to 28 domain names,” says Martyn Williams, whose North Korea Tech website tracks the country’s information technology and related industries. “Many reports confused this to mean 28 websites internally.”
The reports failed to capture North Korea’s much more extensive intranet: known as Kwangmyeong, or “Bright Light,” this is an internal network used by North Koreans, who do not generally have access to the global internet. (Foreigners have been able to access the internet since 2013 through the 3G phone network, but usage remains low.)
The North, so the accepted narrative goes, is a land of famine, grinding poverty and shortages; at nighttime, observed from space, it’s a dark blot
Bryant’s records “refer to sites on the internet, not the intranet,” Williams said. “The number of internal sites is unknown.”
One inconclusive glimpse came during a 2014 visit to Kim Il Sung University’s library by Associated Press reporter Eric Talmadge, who noted “an estimated 1,000 to 5,500 websites.”
That’s still a small number, considering the internet at that time had 1 billion sites. Bright Light is so small because it “is almost exclusively a means of obtaining the technical information necessary for the country’s scientific development,” according to Reporters Without Borders. Beyond these narrow scientific or academic applications, Bright Light is all but useless. It operates using a browser called My Country, which is based on Mozilla Firefox. Pornographic and gambling sites are blocked, and as of April, so were YouTube, Facebook, Twitter and a number of others.
But even if they were allowed to use it, North Koreans wouldn’t find the internet much of an alternative to Bright Light. The country has one of the world’s slowest connections, clocking at an average speed of 2.0 Mbps. Compare that to South Korea, the world’s fastest, which comes in at 26.7 Mbps. The North’s internet has the fewest users, too, ranking dead last out of 144 countries with a usage rate of 0%. Somalia, which has suffered the desolation of civil war for almost 40 years and has a nominal GDP that’s less than one-tenth of North Korea’s, has a usage rate of 1%.
The country has one of the world’s slowest connections, clocking at an average speed of 2.0 Mbps. Compare that to South Korea, the world’s fastest, which comes in at 26.7 Mbps
Philip Iglauer, who has written about North Korean technology for tech news outlets such as CNET and ZDNet Korea, says he recently got his hands on the latest North Korean tablet, Samjiyon, and internet access isn’t even a possibility.
“They block any way for you to turn on wifi connectivity,” he notes, adding that Samjiyon runs on a discontinued 2011-era Android operating system known as Ice Cream Sandwich and is mostly full of games. “The built-in apps include Chinese and Korean dictionaries, a game called Basket Ball Shot, a Tetris-esque game called Wall Crusher and Angry Birds Rio.”
North Korea’s leaders show no signs of opening up access to the internet – and the free flow of ideas that this would entail. That means the vast majority of the nation’s 20 million population are doomed to be left behind in the global digital revolution, lumbered with technology that is designed to perpetuate the ruling dynasty. It’s no surprise that every mention of a Kim family member on Bright Light appears 20% larger than the text around it.
But if the hacking of South Korea’s military teaches us anything, it’s that no matter how absurd the North’s technology may seem by other standards, other standards aren’t the only ones by which the world abides. Bright Light’s deficiencies serve a purpose for the regime; and when it comes to cyberwarfare, the motivation to compete with the world’s best is clearly there.