The Korean Central News Agency (KCNA) has attacked claims by international hacker collective Anonymous that it managed to steal North Korean military secrets from computer servers. The attack came in a commentary on Friday, just days before Anonymous plans to launch a cyber-attack on North Korean websites.
Earlier this week, a Twitter user claiming to represent Anonymous hackers said the group had managed to infiltrate North Korean servers on the country’s domestic intranet and access sensitive information.
“We completed serveral attacks on your internal Websites and inside your local intranets,” the group said in a message posted to the Pastebin website, which allows users to post text messages without revealing their personal details.
“Previously we said we would penetrate the intranet and private networks of North Korea. And we were successful,” the message said.
“Your major missile documentation and residents, military documents show down is already in progress. Your attempt to cover this has been uncovered. We are partially sharing this information with the world.”
The veracity of the Anonymous claim is difficult to ascertain. The group has yet to post a single piece of information that could have been gained in an attack on North Korean servers and it seems unlikely that military secrets would be stored on servers accessible from the controlled but open domestic intranet.
But whether it’s managed to infiltrate domestic servers or not, its threat of an attack on June 25 certainly has the attention of KCNA.
“The international hacking group Anonymous is letting loose a string of rubbish regarding the DPRK as the goal of cyber attack,” the state-run news agency said in the commentary.
“It announced that it would conduct hacking attack called ‘operation for infiltrating into interior of the north’ with June 25 as an occasion and calculates this would help shake the social system in the DPRK. Anonymous made up of riff-raffs dares hurt the social system of the DPRK, not content with doing bad things to demonstrate its technology. This provokes side-splitting laughter.”
The commentary is classic KCNA. Frst rubbish your opponent, then rubbish its claims.
Last time Anonymous turned its attention towards North Korea, the result wasn’t pretty. The country’s major websites — including that of KCNA — were inaccessible for days and the 15,000-member user database of Uriminzokkiri, a China-based site with close DPRK ties, was published.
Apparently referencing that hack, KCNA said:
“It hacked into open servers of the DPRK without any secret data by use of poor hacking programs. And now it is busy describing it as a sort of big technological feat.”
It’s probably safe to say that if North Korea didn’t have the full attention of Anonymous hackers, it does now.
KCNA went on to claim the Kwangmyong domestic intranet doesn’t exist.
“Anonymous, in fact, knows nothing about the DPRK. The Network Kwangmyong Anonymous claimed hacked into it does not exist in the DPRK.”
North Korea’s domestic intranet has been well-documented and well-reported, both in the North Korean media and by outsiders who have used it within the country, so it’s existence isn’t in doubt.
Could there perhaps be confusion over the name? Is KCNA denying its existence on a technicality?
In 2002, KCNA reported on the development on the “Kwangmyong” system:
“In recent years it developed an information retrieval system Kwangmyong and established a computer network for science and technology to make a variety of information service.” — KCNA, “DPRK Central Information Agency for Science and Technology,” August 13, 2002.
And a year earlier The People’s Korea, a Tokyo-based English-language newspaper published by the DPRK-aligned Chosen Soren, reported on the Kwangmyong network too.
The broadcasts appeared in May and were being recorded by WRN from Voice of Korea’s daily English-language shortwave broadcasts. Voice of Korea puts out a daily hour-long program in English each day and it’s relayed several times to listeners around the globe.
The shortwave signal meant sometimes poor audio quality, but the WRN website was the only place on the Internet offering the program on-demand. Voice of Korea’s own website has news and music clips but not the entire broadcast.
At the time, WRN said it had started the service independently of Voice of Korea and stood ready to cease the service should it receive an objection from Pyongyang.
WRN hasn’t responded to a request for comment on the ending of the broadcast, although it appears unlikely the service would attract complaints from North Korea. By their nature, international broadcasters are established to send programs as widely as possible and the WRN relay would help accomplish that.
All that’s left on the WRN home page now is an error message, with no explanation of what happened.
For listeners who want to hear the daily broadcast, the only option left is shortwave radio. The current Voice of Korea schedule can be found in the resources section on this website.
A Twitter user claiming to speak on behalf of the Anonymous hacker collective says members of the group have succeeded in breaking into North Korean computer servers and stealing military documents.
“Previously we said we would penetrate the intranet and private networks of North Korea. And we were successful,” the group wrote in a news release posted on Pastebin, a website that allows anonymous posting of text documents.
“Your major missile documentation and residents, military documents show down is already in progress. Your attempt to cover this has been uncovered. We are partially sharing this information with the world,” the message read.
The claim is impossible to independently verify and to-date the group has share none of the information it claims to have obtained from its hacking activities. Nor did it clearly explain how it managed to penetrate North Korean military computer systems.
Hackers made references to accessing the domestic Kwangmyong intranet system, but a link from that system to a military computer network handling state secrets would represent a big hole in network security if it existed.
An additional Twitter message posted a screenshot of a web page from the domestic Kwangmyong intranet system but, as NKNews first discovered, the screenshot dates back at least 2006 when it accompanied a South Korean newspaper story.
The claims of infiltration come just days before a long-planned attack on North Korean Internet sites is due to take place. Anonymous hackers have been threatening for the last couple of months to mount a denial of service attack on North Koreans sites from midnight local time in Pyongyang on June 25.
The groups’s last coordinated round of attacks effectively removed the websites from the Internet by deluging them with so much traffic that legitimate users were unable to connect.
The group also posted this video:
The page appeared to have been around for at least a month and content included links to KCTV news bulletins on the YouTube channel of the China-based Uriminzokkiri website, photos and stories from the government’s Korean Central News Agency (KCNA) and some “behind the scenes” pictures from the TV station.
It was written as if it was being run from within the TV station in Pyongyang — something that appears to have fooled several major international news agencies — but a series of inconsistencies in the content made it much more likely to be the work of a North Korean fan in the west.
Early this week, after those inconsistencies were highlighted on NorthKoreaTech and South Korea’s National Police Agency said it was looking into blocking the page, the Facebook account went silent. The account was deleted by its owner, Facebook told NorthKoreaTech.
A lot of the media attention on the page focused on its livestreaming of Korean Central Television but, as noted here earlier, the two livestreams offered by the site weren’t actually original.
They were simply embedded versions of two streams that remain available.
The first is being carried by Ustream, a U.S.-based video streaming site, and appears to be provided from Japan by the General Association of Korean Residents in Japan (Chosen Soren). The second comes from Unification Broadcasting, a Seoul-based defector-run site that analyzes media coverage on both sides of the Korean border.
A group of amateur radio operators are hoping to get permission from the North Korean government for a month-long trip to the country during which they’ll set up a ham radio operation.
If they manage to pull off the plan, they’ll have succeeded where few have before.
North Korea has no amateur radio operators and government-sanctioned transmissions by foreigners in the country are extremely rare. This makes North Korea the rarest country for contacts in the amateur radio world.
The project is still in the planning phase but is being led by operators with experience of both North Korea and operating in usually closed countries. One of the members, David Flack (AH6HY), has been to the DPRK several times and other members helped organize similar trips to Kurdistan, South Sudan and Yemen.
Two of the group are planning to travel to Pyongyang in June and seek permission to bring in two teams of 12 operators and the necessary radios, antennas, power supplies and amplifiers.
The expedition won’t be solely focused on radio activities. They are also running a humanitarian appeal to help the “Love North Korean Children” charity.
Two members of the the group contacted declined an interview request.
There have been several other attempts to get on the air from North Korea. One of the more recent was in 2005.
David Borenstein (KA2HTV), a medical doctor, received advance permission to operate while on a trip to Pyongyang but failed to get on the air. Apparently, an official at the Committee for Cultural Relations with Foreign Countries approved the plan without getting clearance from the Ministry of Telecommunications and Posts, according a statement from his sponsor.
His equipment made it through customs and some of it was then held by the ministry for a week before he was told he could not operate in North Korea, the statement said.
To make matters worse, he didn’t get to return with all of his gear. Early discussions had included talk of a donation to the DPRK of amateur radio equipment, and some of Mr. Borenstein’s own equipment was apparently mistaken for the gear to be donated. He ended up with a receipt from the Committee for Cultural Relations with Foreign Countries thanking him for his “donation” of a radio, antenna, power supply and other gear.
The most successful has been Edisher Giorgadze (4L4FN), a Georgian working for the UN World Food Programme in Pyongyang. He received permission to operate while stationed in the country and made more than 16,000 communications with more than 12,000 amateurs around the world.
The station was on the air for just over a year, but was forced to close in November 2002.
According to a news release from the time:
“Friday evening, 2002 November 22, Ed was called into a meeting with the “Radio Regulation Board” without any explanation, he was politely asked to quit all transmissions and pack all his radio equipment. Saturday, he spent all day on the roof disassembling his antennas and packing boxes. At 2:30pm on of the government officials came by, sealed all the boxes and when he leaves on December 10 for his two weeks R&R he is to take everything with him out of the country.”
Here’s a couple of photos of the antennas he used:
On Thursday, South Korea’s Yonhap reported on a new Facebook page in the name of the Korean Central Television, North Korea’s national TV station. (Updated. See below.)
Yonhap said, “North Korea’s state broadcaster started real-time Facebook broadcasting as the communist country moves to expand its propaganda efforts into the social networking realm, official sources said Thursday.”
In never divulged who the “official sources” were beyond describing them as people “who keep tabs on the North.”
Later in the day, Agence France Presse reported the same Facebook page, reporting on the news of Kim Jong Un’s visit to a mushroom farm in the first news bulletin of the day. Like Yonhap, AFP noted, “The move marks a further step by the reclusive state to develop its Internet presence and use of social networks to disseminate state-approved propaganda.”
But there’s a few things about the new Facebook page that don’t quite add up.
The page claims to be based in Pyongyang, but links to Uriminzokkiri.com.
Uriminzokkiri isn’t in Pyongyang. It’s in China. It runs YouTube, Flickr and Twitter accounts and has an iTunes podcast so is well versed in social media, but makes no secret of its Chinese base.
Uriminzokkiri’s social media efforts to date have been in Korean, not English (bar a short-lived attempt at an English-language Twitter feed), and are aimed at ethnic Koreans in North Korea’s East Asian neighbors. It established a Facebook page in 2010, but the page was deleted, twice, because it was set up as a personal account and not a “page.” Uriminzokkiri has not been back to Facebook since.
A quick check on the Uriminzokkiri site shows it doesn’t list the channel, despite it apparently starting at least a month ago.
So livestreaming on Facebook doesn’t quite fit the Uriminzokkiri profile. If it was to livestream — and it’s probably the most likely part of the North Korean Internet family of sites to do so — it would probably make more sense to serve the video stream from its own site or a third party video service like Ustream, Livestation or Livestream. That’s what it does with recorded video clips: its own site and YouTube.
Assuming the Pyongyang base is correct and the page links to Uriminzokkiri because there’s no KCTV website, it would be even more unusual. Non of North Korea’s Pyongyang-based sites engage in social media at all, and especially don’t adopt the chatty tone of the Facebook page.
The page includes lots of photos and text articles from KCNA. Among the most interesting items are some “behind the scenes” looks at the KCTV studios. They are presumably there to lend credibility to the Facebook account.
Pictures of inside KCTV have only been seen a couple of times in the last few years: once during the 2012 Lunar New Year when China Central Television reported on the TV station and interviewed Ri Chun Hui, probably the most famous KCTV anchor. And then later in 2012 when CCTV donated studio equipment to the broadcaster.
The photo above claims to have been taken on Sunday, May 19, and if real it would be a very unusual look behind the scenes of one of North Korea’s key propaganda machines.
Here’s the photo in full:
And here’s a photo carried on this website on October 1, 2012, as part of a report into the modernization of the KCTV control room by CCTV. Notice anything similar between the two photos?
The photo of the control room “on Sunday” is actually a six-month old Xinhua photo that’s been cropped to remove the “news.cn” name from the corner. One of the other “behind the scenes” photos on the Facebook page is a different shot from the same article on NorthKoreaTech, also cropped to remove the news.cn name.
Then there’s the livestreams themselves.
The two streams don’t come from Pyongyang or China at all. One is a Ustream feed that’s been set up in the name of “elufa.tv.” Elufa is a website run by the General Association of Korean Residents in Japan (aka Chrongryon or Chosen Soren) and the other is a Windows Media feed provided by the Seoul-based SPTV website.
Is Korean Central Television really relying on a Japanese and South Korean website to stream its programming?
While it’s impossible to determine who is actually behind the site, everything points to it being the work of one of several North Korean fans outside of the country who already post the country’s propaganda to their own sites and YouTube channels. There’s nothing on the page that appears genuinely original from KCTV in Pyongyang.
[UPDATE: The Facebook page, which was available at https://www.facebook.com/KoreanCentralTV , appears to have been deleted shortly after this article was published.]
North Korea’s Achim (Morning) tablet PC will soon become a year old. The tablet, which runs the Android operating system, was first unveiled in July 2012 as a computer to help education.
It was the second tablet PC unveiled by the country. The first came from the Korea Computer Center and a third, called Samjiyon, was unveiled later in the year.
Since it has appeared, the DPRK’s state media has carried several stories about the success of the Achim tablet PC in the teaching and learning markets. It’s said to contain reference books, foreign-language dictionaries and scientific data. KCNA reported it weighs about 300 grams and has a battery life of about 5 hours.
The computer is made by Achim Panda, a joint venture between China’s Panda Electronics Group. and the DPRK’s Ministry of Electronics Industry.
Recently, a Japan-based site with close ties to North Korea published a video extolling the virtues of the computer for students. Here’s a subtitled version: