DPRK attempts to block ROK GPS signals

UPDATE 3 (4/1/2011): The International Civil Aviation Organization (ICAO) is considering measures against North Korea after the reclusive state was accused of jamming satellite navigation signals.  According to Flight Global:

The organisation is intending to co-operate with South Korea over the matter, says the Korean ministry of foreign affairs.

It follows a meeting between Korean foreign minister Kim Sung-Hwan and ICAO secretary general Raymond Benjamin yesterday.

The ministry says that ICAO has accepted its position of “pointing out the illegality” of Global Positioning System signal jamming by North Korea in early March, and that a “recurrence of such [an] incident must not occur”.

It also says that ICAO has agreed to “co-operate with Korea in taking necessary measures” should there be another incident, because North Korea’s action “threatens civil aviation safety, of not only Korea but also other countries”.

ICAO was not immediately available to comment on the foreign ministry’s statement.

UPDATE 2 (3/20/2011): According to Strategy Page:

Since the 18th, North Korea has been directing a GPS jamming signal across the border, and towards the southern capital, Seoul. The jamming signal can be detected up to a hundred kilometers south of the DMZ. The North Korea GPS jammers are based on known Russian models that North Korea bought and copied. The usual response for GPS jamming is to bomb the jammers, which are easy to find (jamming is nothing more than broadcasting a more powerful version of the frequency you want to interfere with). But such a response could lead to more fighting, so the south is still considering what to do. The jamming is a nuisance more than a threat, and most military equipment is equipped with electronics and other enhancements to defeat it. This is the third time in a year that the north has attacked the south. The first was the torpedoing of a South Korean warship a year ago, then the shelling of a South Korean island off the west coast last November. Now this jamming, and DDOS attacks on government websites.

UPDATE 1 (3/15/2011): According to Yonhap, the DPRK has rejected a letter of complaint from the South over GPS jamming:

North Korea on Tuesday rejected a letter from South Korea demanding that the communist nation stop sending jamming signals across the border, Seoul’s Unification Ministry said.

South Korea’s communications watchdog, Korea Communications Commission (KCC), asked the ministry earlier in the day to send the North a letter in which it complained of the trouble caused by disruptions to Global Positioning System (GPS) signals in the South.

South Korean officials have blamed North Korea for jamming the signals early this month in what they believe was an attempt to interrupt ongoing military drills between South Korean and U.S. forces. GPS-based mobile phones and certain military equipment in the South’s northwestern areas experienced minor errors due to the disruption, according to officials.

“Following KCC’s request, we tried to deliver to the North a letter of complaint written in the name of KCC Chairman Choi See-joong through the liaison office at Panmunjom,” the ministry said, referring to the inter-Korean truce village. “But the North’s liaison officer refused to receive it.”

In the letter, the KCC said it demanded that the North “instantly stop jamming activities and provide measures against similar incidents in the future.”

The commission also wrote that the jamming of GPS signals is “causing an inconvenience to our people and threatening their safety,” adding that such actions are “unacceptable” under International Telecommunications Union regulations. Both South and North Korea are members of the Union.

North Korea was accused of jamming GPS signals across the border last year, but this is the first time the South has tried to lodge an official complaint on the matter.

South Korea has already sought international action against the sabotage, with the foreign ministry sending a letter of inquiry to a United Nations agency in charge of information and communication technologies, a presidential official said earlier this month.

ORIGINAL POST (3/8/2011): According to the AFP (via Singapore’s Straits Times):

Seoul confirmed on Monday that North Korea has been trying since Friday to jam communications signals across the border, where the US and South Korea are holding a major joint military exercise.

Signals are being emitted from near the North’s border city of Kaesong to disrupt navigational devices using GPS (the Global Positioning System) north-west of Seoul, the Korea Communications Commission said.

They caused minor inconvenience on Friday and Saturday, it said, while weaker signals are ongoing. ‘Intermittent (GPS) disruptions are still continuing, although signals are weak,’ the commission said in a statement, adding that it was working with government agencies and security authorities to counter the jamming.

The South’s defence ministry confirmed the intermittent failure of GPS receivers last week, but refused to give details for security reasons. It was not clear whether the disruption caused problems to the war games.

The North’s military operates dozens of bases equipped for an electronic war to disrupt South Korean military communications, the South’s Yonhap news agency said. The communist country has imported GPS jamming devices from Russia, while South Korea uses French equipment to disrupt or monitor the North’s military communications systems, it said.

How do these kinds of attacks work and how effective are they? According to Wired:

North Korea is reportedly jamming Global Positioning System (GPS) signals in South Korea, possibly in an attempt to interfere with the U.S.-South Korean annual Key Resolve/Foal Eagle drills, which kicked off on February 28.

GPS jammers work by sending a signal that interferes with the communication between a satellite and GPS receiver. It’s a relatively simple operation, with relatively short-range effects. Thus far, cell phones used by civilians and troops and some military equipment have been put on the fritz by the disruption attempts.

But the juiciest target for the North’s jamming efforts would be the U.S. and South Korean arsenals of GPS-directed bombs.

If it works just right, the GPS jammer can cut off a satellite-guided bomb’s ability to guide itself to target. The bomb simply continues hurtling towards the ground in the direction it was when it lost contact with a satellite.

However, these weapons have other means of guiding themselves in the event of jamming. Take the Joint Direct Attack Munition (JDAM), a guidance kit that’s strapped to older, “dumb” bombs to make them more accurate. In addition to GPS, the JDAM kit comes equipped with an Inertial Navigation System (INS), which measures a bomb’s acceleration and uses the information to plot its way to a target. In the event a JDAM’s GPS signal is successfully jammed, it can rely on its INS to guide it, although accuracy is reduced from 5 to 30 meters.

That’s not the only backup for U.S. bombs. “Increasingly you see that there are multi-mode smart munitions that have both GPS and laser guided so that if one is not working, the other can,” says John Pike, a defense and aerospace expert and president of Globalsecurity.org.

Though he’s not familiar with the specific systems used by the North Korea, Pike says other incidents make him think the U.S. might not have much to worry about in this case.

“The jammings that I have been aware of in other instances I would place into the category of ’seriously annoying.’”

North Korea is believed to have both a GPS jamming system imported from Russia and a modified version its been shopping around the Middle East, according to South Korea’s Chosun Ilbo. Russia reportedly sold a GPS jamming system to Iraq on the eve of the second Gulf War. And in case you missed that one, jamming wasn’t much of an issue for U.S. bombs.

But jamming might not be the only info war trick North Korea’s been up to lately.

Last week, at least 29 websites were affected by a distributed denial of service (DDoS) attack, which targeted a number of South Korean government, U.S. military and private sector sites. At the moment, the origin of the web traffic flood remains unknown, but North Korea is widely suspected because of its prior history. In June 2009, South Korea intelligence attributed a series of DDoS attacks which targeted a similar portfolio of sites to North Korea.

Which organizations in the DPRK carry put these kinds of operations? The Choson Ilbo highlights the well known Mirim College for Electronic Warfare Research

Pictured above on Google Earth: Suspected initial location of the Mirim War College in Pyongyang (39.013904°, 125.877156°) (via Michael Madden).  Reports now indicate it has been moved to the other side of Pyongyang in Hyonjesan-guyok.

 

According to the Choson Ilbo:

Pyongyang began developing electronic warfare capabilities in 1986 when it founded Mirim University, the present-day Automation University, to train specialists.

A defector who graduated from the university recalled that 25 Russian professors were invited from the Frunze Military Academy in the former Soviet Union to give lectures, and some 100 to 110 hackers were trained there every year.

Mirim is a five-year college. The Amrokgang College of Military Engineering, the National Defense University, the Air Force Academy and the Naval Academy are also reportedly training electronic warfare specialists.

Jang Se-yul of North Korean People’s Liberation Front, an organization of former North Korean military officers and servicemen, recalled that when he fled the North in 2007, “I heard that the North Korean military has about 30,000 electronic warfare specialists, including some 1,200 personnel under two electronic warfare brigades.”

“Each Army corps operates an automation unit, or an electronic warfare unit.” Jang used to be an officer of a North Korean electronic warfare command.

Material published by the North Korean Army in 2005 quotes leader Kim Jong-il as saying, “Modern war is electronic warfare. Victory or defeat of a modern war depends on how to carry out electronic warfare.”

In a 2006 report, the South Korean military warned North Korean hackers could paralyze the command post of the U.S. Pacific Command and damage computer systems on the U.S. mainland.

Experts believe that the North’s 600 or so special hackers are as good as their CIA counterparts. They attempted in August 2008 to hack the computer of a colonel in South Korean Field Army headquarters. In 1999, the U.S. Defense Department said the most frequent visitor to its website was traced to North Korea.

Due to economic difficulties since the 1990s, the North Korean regime had a hard time boosting its conventional military capabilities and instead focused on strengthening so-called asymmetric capabilities that would allow it to achieve relatively large effects with small expenses. That includes not only nuclear and biochemical weapons and missiles but also special forces and hackers.

FAS has more on the Mirim-based school here.

A couple of years ago, the Daily NK mentioned another possible contender: Moranbong University

Pictured above on Google Earth: Korean Workers’ Party Building 3 complex in Pyongyang (39.057894°, 125.758494°)

According to the Daily NK:

Moranbong University, which is directly managed by the Operations Department of the Workers’ Party, is said to be leading technical developments in cyber war against foreign countries.

A North Korean source said in a telephone interview with Daily NK on the 10th, “I heard that the U.S. and South Korea were attacked. If it were confirmed that North Korea was responsible, it would have been by the graduates of Moranbong University.”

According to the source, since the mid-1990s, the Workers’ Party has been watching the worldwide trend whereby the IT field started dominating, and founded Moranbong University in 1997 in order to train experts in data-processing, code-breaking, hacking and other high-tech skills. The results of new student selections, curricula and training are reported only to the Director of the Operations Department, Oh Keuk Ryul.

The foundation of the University was spurred by the North Korean invasion of the South in Kangreung, Kangwon Province in 1996. 26 North Korean special agents tried to infiltrate South Korea after passing under the Northern Limit Line in a special, mini-submarine, but they were all killed or committed suicide after the operation failed. After that, there was a debate within the South Korean Liaison Office under the Operations Department of the Party about the sending of spies to the South and collecting intelligence through contact with resident spies in South Korean society. After listening to such suggestions, Kim Jong Il approved the establishment of the university.

It is a five-year university which selects 30 freshmen every year. The university makes every freshman a military first lieutenant. In sophomore year, students take courses in martial arts, shooting and other special skills, and then they take courses in assembly languages, wiretapping, code-breaking, and hacking.

Graduates are dispatched to the headquarters of the Operations Department of the Party or local South Korea Liaison Offices, where they are put in charge of collecting intelligence from intelligence organizations and the military of South Korea, the U.S., Japan, China and other neighboring countries, or demolishing programs.

Since 2003, more than 200 graduates from the University have started working for the Operations Department or as professors of Moranbong University. Some of them have been dispatched to China in order to train in international techniques or to earn foreign currency as Chosun Computer Center (KCC) workers.

According to the source, Moranbong Univeristy is better than Mirim University, the former main educational institution for North Korean hackers, in terms of equipment, technology and curricula. It is located in Jung-district, just across from the No. 3 Government Building, in which the United Front Department, the Liaison Department and the Operation Department are stationed. The real purpose of the university is not officially revealed even to general agents of the Operations Department, because it is treated as top secret.

The source concluded, “Wiretapping has its limits because of a lack of equipment, but they have world-class hacking technology.”

The Daily NK,  Choson Ilbo, and Strategy Page later posted additional information on these organizations.

South Korea is said to be seeking additional sanctions on the DPRK for these activities.  According to Yonhap:

But they said the North should not go unpunished for the sabotage, with a senior presidential official hinting at the possibility of seeking sanctions against the communist nation.

A charter of the International Telecommunication Union (ITU) bans a country from doing damage to electric waves of other nations. Both South and North Korea are members of the ITU.

The foreign ministry already sent a letter of inquiry to a United Nations agency in charge of information and communication technologies, the presidential official said on condition of anonymity.

Read the full stories here:
N. Korea launches electronic attacks on S. Korea
AFP (Straits Times)
3/7/2011

North Korea Jams GPS in War Game Retaliation
Wired
Adam Rawnsley
3/7/2011

N.Korea Trains Up Hacker Squad
Choson Ilbo
3/9/2011

Mecca for North Korean Hackers
Daily NK
Jung Kwon Ho
7/13/2009

Share
  • Jbob

    WIRED is wrong.

    GPS receivers DON’T communicate with the orbiting GPS satellites at all, they merely receive a very accurate timing signal, that allows them to calculate their position using the known speed of light and the small apparent time difference between the signals from several GPS satellites and their known positions.


An affiliate of 38 North