10 January 2015

FBI REVEALS NEW DETAILS ON HOW NORTH KOREA HACKED SONY — AND, WHY THE AGENCY HAS HIGH CONFIDENCE THAT NORTH KOREA IS/WAS THE CULPRIT — EVERYTHING YOU NEED TO KNOW ABOUT NORTH KOREA’S ‘INTRANET’

January 7, 2015 

FBI Reveals New Details On How North Korea Hacked Sony — And, Why The Agency Has High Confidence That North Korea Is/Was The Culprit — Everything You Need To Know About North Korea’s ‘Intranet’

Russell Brandom, writing on the January 7, 2014 website, Verge, quotes FBI Director James Comey as saying at a cyber security conference in Manhattan today as saying, “I don’t have high confidence in many things in life; but, one thing I do have high confidence in — is that North Korea is responsible for the recent Sony Entertainment Corp,”. — in an attempt to dissuade the company from releasing the movie, The Interview. According to Director Comey, the Guardians of Peace “got sloppy,” when masking IP addresses, allowing FBI researchers to determine that emails and other messages to Sony employees were originating from Internet connections used exclusively by North Korea.”

As Mr. Brandom notes, “Internet access in North Korea,” perhaps a 1,000 North Korean elites out of a country of +20M, and “routers/connections are almost exclusively controlled by the government [with the others by China], which makes it unlikely a third party would be able to hijack a North Korean IP without the government’s explicit consent.” “We know who hacked Sony. It was the North Koreans,” Comey told the audience.

North Korea Is So Paranoid That Even Owning A Computer Requires Government Permission

Max Fisher, writing on the December 22, 2014 website Vox, says that anyone wanting to own a computer “must get governmental permission from local authorities, and all personal computers are registered with the police. Private ownership of fax machines is banned outright; and, sending a single fax requires high-level authorization. Meanwhile, pirated DVDs of South Korean TV dramas, are so illegal — that North Koreans caught in regular police sweeps for them — can be sentenced to years in labor camps. So, you can imagine how tightly Internet access would [must] be in the Hermit Kingdom.

“if you went to North Korea and asked people about the Internet [you wouldn’t be allowed to ask any questions anyway], most of them would have no idea what you were talking about,” Mr. Fisher writes. And, it takes about three months worth of the average yearly salary to afford one — even if you were granted permission to do so.

“Kwangmyong, which is Korean for “bright star,” is North Korea’s officially sanctioned Intranet.” Mr. Fisher notes. “It looks sort of like the Internet circa, 1994; and many users access it with old-school dial up computer labs. It is a closed network that runs on pirated Japanese versions of Microsoft software; and, sort of like the real Internet — but, isn’t. Rather, it runs rudimentary email and browser tools that are restricted to a hand-picked collection of “sites” that have been copied over and censored from the real Internet.”

“The network is assessable to only a handful of computer labs at major North Korean government offices, universities, and a smaller number of cyber cafes in major cities. (Internal travel is forbidden in North Korea…without government permission in North Korea, so most citizens never see Pyongyang, or can visit its cyber cafes). But, you need a computer to access it, and that’s only possible with official permission. Outside computers are illegal (except for the very highest elite, for whom many official rules don’t apply — until they do of course); and the only acceptable computers are produced by Morning Panda, a government-run company that makes only a few thousand computers each year.”

“Then there is a group of privileged elites in North Korea who can access the real Internet, which is forbidden to everyone else. The number of people in North Korea with actual Internet access, is estimated at a few thousand — the tiny core of the country’s sprawling government — most of them top government officials. Indeed, Mr. Fisher writes, “North Korea’s circle of Internet users is so small, that the county only has 1,024 IP addresses for 25M people, whereas the U.S. has billions of IP addresses for 316M people. While it’s impossible to infer a specific number of Internet-connected devices from this, it is safe to say the number [in North Korea] is very, very small.”

“North Korea’s Internet connections all go through a singe line that runs from Pyongyang, through North Korea’s mountainous north, and into China where it connects via China’s state-run telecommunications agency – Unicom — to the outside world. North Korea’s Internet, in other words,” Mr. Fisher says, ” is behind China’s Great Firewall. (There are also long-running rumors, of a second North Korean T1 line that patches in the most elite officials’ devices at much higher speeds, and that resolves as Chinese IP addresses.)

“If you saw the real Internet in North Korea,” Mr. Fisher writes, “it would almost certainly be running on a top-of-the-line computer — or even an Apple device such as an iPad, or iPhone — which are smuggled in for use of elite officials. It would be very slow; all of North Korea’s devices share a very small amount of bandwidth; and, run through aging equipment that goes down often.” V/R, RCP

No comments: