Russian firm provides new internet connection to North Korea

0
853

North Korea has opened a second internet connection with the outside world, this time via Russia, a move which cyber security experts said could give Pyongyang greater capability to conduct cyber-attacks.

North Korea has been blamed by Western governments for several major cyber-attacks in recent years, including against banks and Sony Pictures, as well as the WannaCry ransomware attack that froze computers unless their owners sent cash. Pyongyang has denied any involvement.

Tensions have risen in recent weeks as North Korea’s leader Kim Jong Un and U.S. President Donald Trump have traded war-like threats and insults over the North’s nuclear and missile development programmes, leading to an intensification of diplomatic efforts and a renewed push on sanctions against it.

Dyn Research, which monitors international internet traffic flows, said it had seen Russian telecommunications company TransTeleCom routing North Korean traffic since about 0908 GMT on Sunday.

Previously traffic was handled via China Unicom under a deal dating back to 2010. TransTeleCom now appears to be handling roughly 60 percent of North Korean internet traffic, while Unicom transmits the remaining 40 percent or so, Dyn said.

The new external connection was first reported by 38 North, a project of the U.S.-Korea Institute at Johns Hopkins School of Advanced International Studies (SAIS).

North Korea’s internet access is estimated to be limited to somewhere between a few hundred and just over 1,000 connections. These connections are vital for coordinating the country’s cyber-attacks, said Bryce Boland, chief technology officer for the Asia-Pacific region at FireEye, a cyber-security company.

Having internet routes via both China and Russia reduces North Korea’s dependence on any one country at a time when it faces intense geo-political pressures, he said.

Many of the cyber attacks conducted on behalf of Pyongyang came from outside North Korea using hijacked computers, Boland said. Those ordering and controlling the attacks communicate to hackers and hijacked computers from within North Korea.

The Washington Post reported earlier that the U.S. Cyber Command has been carrying out denial of service attacks against hackers from North Korea designed to limit their access to the internet.

 

 

 

 

Source: News agencies