The Sony Pictures Affair Probably Means Bad Things for Increased North Korean Internet Access.
Reports suggest that North Korea’s already limited access to the internet went black several times this week, as well as perhaps their 3G network. Most analysts suggest it is due to hacking, likely through a DDOS attack. This comes as North Korea is experimenting with more internet access: as much as there is all sorts of fallout on Sony’s end, this will have an unfortunate impact on decision-making in Pyongyang.
We tend to view North Korea’s restrictions on internet accessibility as an issue of social control, which of course it is. However, when you speak to North Koreans, raised in a Garrison State, they often bring up security as the frame through which they view internet access.
After all, the authorities recognize that currently they have a very important strategic advantage over their enemies: their closed systems are far less vulnerable to hacking than are the systems of their enemies, with their sprawling, interconnected systems. And as with so much in the DPRK, the closed nature of their system is a conscious choice to maintain a military advantage at the cost of an economic one.
Yet there are signs of experimentation. It does seem as if more and more companies and organizations are getting online in North Korea in a limited fashion. Usually this means they have to register in advance for time at a connected terminal and are limited in what they can view. Organizations still tend to have a single email address for the entire staff. There is, however, already awareness that economic success will require more access to information, something we emphasize in Choson Exchange workshops.
Red Star Linux, North Korea’s homegrown operating system, received an upgrade to 3.0 last year, mostly gaining attention for its visual similarities with Mac OSX. We’ve been told this is the most secure version yet: with each round of coding, they will probe for weaknesses and patch them or write new code for the next version. It is, apparently, still not secure enough for them to feel comfortable with allowing broader internet access.
If one is feeling cynical about it, one might say they never will. After all, a former North Korean IT specialist, now a South Korean professor, has been saying they are on the verge of providing access since 2009. (He also notes that “the most serious anxiety for North Korea while preparing to connect up to the Internet is the potential outflow of North Korean internal information”, rather than harmful inflows.)
If one is feeling less cynical, one could hope that Chinese encouragement might someday pay off. China’s quiet and longsuffering attempt to get North Korea to more closely imitate its model has been occurring at both the working day-to-day level of businesspeople and traders, as well as the highest levels of officialdom.
In dealing with the social-control challenges posed by the internet, China feels it has amply demonstrated that agenda-setting, carefully chosen censorship and flexibility in the official narrative can all be combined to mollify the threats posed by more outside information.
Going forward, if Pyongyang wanted to open up beyond registered research terminals, the authorities could allow more access, but under a more intense system of restriction than the Chinese currently use. They could, for example, employ a white list for accessible websites, rather than a black list or could allow access through a system of walled applications, rather than relatively open browsers. This could also be supplemented with other software and hardware controls, while still only allowing certain (but more) computers access and keeping a close eye on everything that happens on those terminals in order to keep a lid on ‘harmful information’.
Yet as much as that information is a concern, the continuous nature of electronic warfare is something keenly understood in Pyongyang. Remember the 2009 cyber attacks on South Korea? No? Well, remember the attacks on US military sites emanating from China? You sort of do? It was just last year. But not like you remember Russia foray into Ossetia in 2008 or the US venture into Iraq in 2003, right? The only reason this Sony affair has captured the public imagination is that it is a film studio that produces things that we watch and its unleashed some juicy Hollywood drama.
Cyberwarfare, which is largely without blood and has really disappointing explosions, usually gets a PR pass: in the sphere of public opinion and even diplomacy, there is something allowable about it. Until it really causes a meltdown, it will be a tolerated form of international conflict. (We’ll see if the Sony affair has the potential to change this.)
Yet cyberwarfare has already proven to be extremely potent. Just ask Iran, which in recent years has both very cheaply brought down an American drone, safely landing it in its own territory and has also seen the Stuxnex worm tear up its nuclear program. And it is precisely this sort of worm that Pyongyang fears and Seoul hopes will increase its asymmetric capabilities.
South Korea played on these fears earlier this year with a public announcement that it is developing a Stuxnet-type worm to attack North Korean nuclear facilities. Let us ignore for a minute the fact that this is a very public announcement, unusual for this sphere of murky conflict. Or that there is a degree of impotence in the statement that noted this is the second part of a two-phase program beginning in 2010, the first phase including “online propaganda operations by posting to North Korean social networking and social media services.” Presumably this has been four years of tweeting @uriminzzokkiri that lol #ROK4lyfe #yolo.
The first phase was apparently intended to be defensive in nature: a response to the hacks in 2009. These saw several South Korean government websites suffer distributed denial-of-service attacks. More seriously, however, a USFK computer was compromised and operational data was obtained by a hacker based in China, it was claimed. Proof of who was behind the series of hacks has not been presented to the public, but North Korea is widely thought to be the culprit. Pyongyang denies this and while a Symantec report on the attacks pins them on a hacking gang called ‘DarkSeoul’, it notes that “nation-state attribution is difficult”.
Pyongyang must worry about two fronts: social control and military security. The more online North Korean systems are, the more they lose that asymmetric advantage. For Pyongyang, the certainty of this advantage is greater comfort than the uncertain returns of more connectedness. It would be good to hear more voices persuading them that they will not only survive, but will benefit from greater, if strictly limited, internet access. Instead, the Sony affair – specifically the reprisals that will come either from states or hacktivists – will discourage North Korea from expanding internet access.
As for right now, most Pyongyangers know the internet exists, they know everyone else in the world has it and that it is something of a big deal even if they don’t quite grasp just how pervasive and integrated it is into people’s professional and personal lives. A handful of decision-makers do and they also know that it is a military and social control security risk. As long as they see access and security strictly as two sides of a zero-sum coin, you can guess which side they’ll choose.