North Korean Economy Watch

According to the Korea Herald:

North Korea is a country that has been almost entirely isolated from news around the world for the past 60 years. The regime in Pyongyang allows Internet access to only a fraction of government officials and its power elite as it prepares for a third-generation hereditary succession to a young man in his late 20s.

The people of North Korea have been brainwashed since childhood to pay respect to the country’s idolized “Great Leader” Kim Il-sung and his son “Dear Leader” Jong-il.

So was Kim Hung-kwang until he began watching South Korean movies and drama in 1995.

“Toddlers are taught by their parents to say ‘thank you, Dear Leader’ before every meal,” Kim said in an interview with The Korea Herald.

“I had been a brainwashed, proud member of the (North Korean Workers’) party myself, until I came across South Korean films in 1995 and eventually learned that the outside world was much better.”

The computer engineering professor managed to flee the North seven years later and arrived in the South in 2003. He was joined by his family two years later.

Born in the eastern coastal city of Hamheung in 1960, Kim graduated from Kim Chaek University of Technology in Pyongyang, meaning he had been one of the North Korean regime’s highly trusted party members. While working as a professor of computer engineering at the Communist University, he was caught for lending some CDs containing South Korean drama to a friend and was sent to a collective farm as punishment.

This prompted him to defect to the South via China in 2003.

In 2008, he launched North Korea Intellectuals Solidarity with about 300 professors, engineers, doctors, journalists and writers from the North.

Now, he runs a dormitory and school for children of fellow defectors from the North, an Internet broadcasting station and publishes a periodical of articles by his colleagues.

The NK Intellectuals Solidarity is also a well-known source of breaking news from the North such as the currency denomination measure in late 2008 thanks to its informants around the China-North Korea border areas.

About 3,000 mobile phones are believed to be secretly used in the North for business purposes or delivering local information across the border, according to Kim.

“About 10 of them are ours, through which we hear about what’s going on there from our informants,” he said.

The informants in the North face the danger of getting caught by the authorities while speaking on the phone near the Tumen and Yalu Rivers with their co-workers in China.

One of Kim’s informants was caught two years ago on charges of spying and was tortured to death.

“She was a mother of three in her 30s who told us things like how the locals perceive the latest economic policies, but (the North Korean authorities) branded her as a spy,” Kim said.

“(Her death) was traumatizing and made us question if we should keep doing this. But we decided not to stop because otherwise, we wouldn’t be able to know about the inhumane crimes committed in the North.”

Kim’s solidarity has also sent in about 300 USBs technically modified to avoid detection.

The USBs do not contain any propaganda, but information on “what the defectors found surprising in the South,” dozens of new media programs such as PDF viewer, MP3 player software and e-books to enable more North Koreans to view South Korean video and text files, Kim said.

“Contrary to what we had expected, copies of Wikipedia entries turned out to be the most popular (among the North Koreans),” he said.

Currently, only five homepage servers are registered under the North Korean domain (.kr). The country connected itself to the Internet in mid-August, but only a handful of selected people are believed to have access to the Web.

Over 20,000 North Koreans have defected to the South since the Korean War ended in a truce in 1953. Hundreds are entering the South each month now mostly via China.

“I think about 4,000 people will arrive (in the South) next year,” Kim said.

“Women used to take up about 80 percent (of the defectors) before, but lately the percentage of men is going up.”

The North still maintains tight vigilance along its borders, but an increasing number of people manage to avoid the authorities’ eyes mainly thanks to bribery.

“Nowadays, it costs between 3.5 and 4 million won to bribe a single person (a soldier along the border, for example) in order to cross the border. The price goes up as (the North) tightens borderline vigilance,” Kim said.

About the North Korean people’s consciousness that they were being mistreated by the dynastical regime in Pyongyang, Kim said it was still in a “germinal stage.”

Pyongyang has tried to soothe its starving people by promising that food supply will be normalized next year, the deadline Pyongyang has set to become a “strong and prosperous nation.”

“But if the food conditions do not improve next year and turns out that it was all words and no action, people will really turn their backs against the government,” Kim said.

“They will know for sure that they are merely being used by the government. They will think that an individual’s basic rights should be placed above their government and start thinking about why there is such a major gap between what the current regime says and the reality.”

The North Koreans are now starting to learn about the need for a social safety net and how the South Korean society is going about its welfare policies through the limited information they receive from outside, Kim said.

“The third stage will be discussing what they have learned among themselves,” he said.

“Starting from groups of two or three people, the discussions will expand and eventually allow certain groups to take action.”

South Korea has reportedly been making contingency plans for various scenarios including a “sudden change” in the North such as the collapse of the Kim regime that will lead to a massive movement of refugees across the inter-Korean border.

“In case of a sudden change, the South can run a buffer zone just south of the border to temporarily house the refugees and prepare them for life in the South, although blocking the people’s free travel would be another issue,” Kim said.

“But because it would be a temporary measure, I don’t think we need to worry too much about a mass influx of refugees.’

Kim also noted that while preparing for a sudden change or unification, South Koreans should not underestimate the North.

“The South has no nuclear weapons, no inter-continental ballistic missiles, no cyber warfare troops, and most important of all, it suffers from internal conflict,” he said, mentioning an online survey last year that showed that some South Koreans did not trust their own government’s conclusion that the North torpedoed the Cheonan.

Kim said the North was training some 3,000 hackers to attack the IT systems of major South Korean institutions.

The prosecution concluded last month that North Korea was behind the cyber attack that paralyzed the banking system of the National Agricultural Cooperative Federation, or Nonghyup, in April.

“Our website was attacked in the same way they attacked Nonghyup,” Kim said.

“The North is very good at stirring up social conflict in the South, prompting certain pro-North groups to call on the government to ‘appease the North,’ or send money to Pyongyang. Their aim is to set up a pro-North regime in the South,” Kim said.

As for the “pro-North people” in the South, Kim said they seemed to hold an illusion that the North Korean system might settle their personal grudges or social problems in the South despite the fact that the Kim regime’s ideology has failed in reality.

Kim called on the South Korean government to set up a clear set of rules and conditions regarding the extent of humanitarian aid the South can send to the North in cases of natural disasters, for example, so that emergency aid to the North becomes more transparent.

Read the full story here:
N. Koreans use phones to sneak information out
Korea Herald
Kim So-hyun
2011-6-15

Pictured above (Google Maps): No. 91 Office

According to the Daily NK:

No. 91 Office, as it is known, is allegedly run under the auspices of the General Bureau of Reconnaissance.

A defector with substantial experience of conditions there offered information on the situation as far back as 2006 at the NKnet-organized “2011 North Korean Cyber Terror Seminar.”

The defector was unable to attend the seminar in person due to fears for his safety, but via pre-produced materials he explained how No. 91 Office is located in a set of two two-storey buildings in the Dangsang-dong of Mankyungdae-district, and how he entered the buildings on a number of occasions thanks to his relations with traders and cadres affiliated to it.

Additionally, satellite images were used to show the location of the office, just 300m from Ansan Bridge across the Botong River.

The defector also detailed the staff of No. 91 Office; the head, in 2006 a PhD-holding colonel in his 40s, a Party secretary ranked lieutenant-colonel, a similarly-ranked National Security Agency agent and around 80 staff, all in their 20s and 30s.

The 80 staff, all excellent minds selected from Kim Il Sung University, Chosun Computer University, Kim Chaek University of Technology and other elite schools, often spoke of ‘business trips’ to Shenyang and Dandong in China, the source explained.

The No. 91 Office-affiliated trade arm had five workers at the time, and is known as the ‘May 18th Trading Company, he added. Through it, the No. 91 Office allegedly obtains the equipment to do its work and provides hackers and other staff with daily necessities.

The unit has a 35-seater bus and two cars with number plates starting with ‘33’ or ‘34’, officially denoting vehicles belonging to the Mining Industry Department of the Cabinet.

Here and here are previous post on the Reconnaissance Bureau.

Here is a post on similar cyber warfare units in the DPRK: Mirim College and Moranbong University

Read the full story here:
No. 91 ‘Hackers HQ’ Revealed
Daily NK
Kim So Yeol
2011-6-1

According to the Daily NK, motorcycles, computers, and “big dogs” have replaced the rice cooker and wristwatch as the cutting edge status symbols among North Koreans.

According to the article:

In today’s North Korea, where wealth inequality is growing more and more extreme, what is a symbol of upper class income status? Just a few years ago, the answer was a branded South Korean rice cooker, the ‘Cuckoo’. So much so, indeed, that the brand name has totally usurped the dictionary description, ‘pressurized electric rice cooker’, altogether.

However, according to a new interview with a cadre from an enterprise in Chongjin published in the new, June edition of NK Vision, the most potent recent symbols of a wealthy family are motorcycles, notebook computers and military dogs!

“Nowadays in Chongjin, transport agents are being stationed here and there because of motorcycle accidents. There are usually around three motorcycle accidents per day, and people are losing their lives,” the cadre explained.

The majority of the motorcycles ridden in North Korea are Chinese brands such as Jangbaeksan costing around 2,000-3,000 Yuan (with 1 Yuan worth 400 North Korean won). Meanwhile, even second-hand versions of Japanese brands including Yamaha and Honda cost considerably more than 5,000 Yuan.

The cadre continued, “The bicycle is still the basic means of transport, as it has been until now. But the bicycle is now just a really ordinary means of transport; it is no longer a symbol of wealth.”

A notebook computer is another symbol of economic good health. Among other reasons, this is because in random inspections by the North Korean authorities they check computers, and since notebook computers can be hidden easily, they are enjoying great popularity.

The source explained, “On average, computer checks crop up once every two or three months, and since this happens without warning, we cannot get rid of things like foreign movies or Korean songs. Seeing these checks getting more serious, nowadays notebook computers are the most popular thing.”

Big dogs are, similarly, growing in popularity, even though one dog can cost as much as 100,000 North Korean won, or more than 50kg of rice. According to the cadre, there is sound logic to this, too.

“Affluent households need dogs to deter thieves, and a military dog can be raised for around seven years then it leaves meat to the house,” he explained.

Yesterday, Martyn Williams informed us about the DPRK’s juche laptop!

Read thee full story here:
Motorcycles and Notebook Computers
Daily NK
Kim So-yeol
2011-5-26

Martyn Williams reports in PC World (2011-5-25):

North Korea might be an unlikely place to find a PC factory, but the country has started manufacturing three models of computers, according to a recent state TV report.

…

The three computers consist of two for educational use and one for office use.

The educational computers each run the same custom software and come in two versions: one is a netbook-sized laptop, and the other is a bland-looking box with a keyboard and mouse, that’s designed to be connected to a television.

“You can use multimedia educational materials,” said Pae Myong-sok, a factory representative interviewed in the TV report. “For example, you can view elementary and middle schools textbooks, do intellectual training exercises, view various types of dictionaries, edit documents and even learn foreign languages.”

The office computer is a laptop and runs productivity software and includes a web browser, Pae said. It’s also netbook-sized and has dual USB ports — something that’s not included on the educational machines — for data transfer. The battery lasts about two and a half hours, the report said.

No other specifications or details were offered in the report. The operating system was unclear from the TV images, but it didn’t appear to be Windows. North Korea has developed its own version of Linux called “Red Star” and it’s possible the computers are running that.

“The devices and programs of these computers were designed and developed purely using our own expertise,” said Pae. “These computers have low prime cost but are designed to carry out all the necessary functions without difficulty.”

The factory was identified as belonging to the “Information Technology Institute.” No other affiliation was provided, but the name matches a unit of Pyongyang’s Korea Computer Center (KCC). The KCC is one of North Korea’s centers for information technology study and learning and has successfully marketed a handful of software applications overseas.

I have posted the segment from the North Korean evening news that features the computers to YouTube.  You can watch it here (2011-3-10).

A reader later pointed out on Martyn’s blog that the DPRK computer is identical to a discount computer sold in the USA. According to Martyn:

Son has posted a comment noting the similarity of the office laptop to a $99 netbook sold in CVS stores in the U.S. The netbook carries the Sylvania brand of Siemens.

From the looks of the two machines, they are identical. It’s either the same or similar basic hardware.

The North Korean manufacturer could be supplying them to Sylvania, or both companies could be buying the laptops from another manufacturer, likely in China, and customizing them. (Just because the Sylvania model runs Windows CE, it doesn’t necessarily mean the North Korean laptop has the same software.)

Below are pictures of the two computers via North Korea Tech:

Pictured above (Google Earth): Pyongyang University of Science and Technology (PUST) in  December 2009

Martyn Williams offers us an update on the University:

The Pyongyang University of Science and Technology enrolled an additional 100 students at the start of the current academic semester, according to a foundation that supports the school.

The first classes at PUST began in October 2010 with 160 students enrolled, said reports at the time. The latest intake will take the student body to 260 members, assuming none of the initial students has dropped out.

You can read Martyn’s full blog post here.

If you are interested in doing some volunteer work for PUST, here is their foundation’s web page. Here is the official PUST web page.

Previous PUST posts can be found here.

UPDATE (2011-5-19): Martyn Williams writes in PC World:

Control of North Korea’s top-level Internet domain has been formally assigned to a government-backed venture after the previous operator, a German company, let the national domain disappear from the Internet for several months.

The dot-kp domain was officially transferred at the beginning of May to Star Joint Venture, a North Korean-Thai company that has been chartered with providing “modern Internet services” to the insular country. Star JV has been in de-facto control of the domain name since December last year.

Dot-kp was first assigned in 2007 to the Korea Computer Center, one of the country’s top computer science establishments. KCC had agreed to let a German businessman, Jan Holtermann, set up a satellite Internet connection to North Korea and run the dot-kp domain through a German company, KCC Europe.

The company ran the domain and a handful of North Korean websites from servers in Berlin until mid 2010 when they suddenly disappeared from the Internet.

“In 2010, the authoritative name servers for the .KP became completely lame, effectively stopping the top-level domain from operating,” said the Internet Assigned Numbers Authority (IANA), the body that coordinates basic addressing functions of the Internet, in a report published this week.

“Korea Computer Center reached out to KCC Europe, its Germany-based technical registry provider, to have service reinstated. After several months without response, Korea Computer Center terminated KCCE’s agreement to operate the .KP domain,” the report said.

At around the same time, Star JV was beginning to bring Internet connectivity to Pyongyang via China. The company had already taken control of IP (Internet Protocol) addresses long reserved for North Korea but never used, and it brought the country’s first website onto the global Internet around October 2010.

The site, for the domestic news agency, was initially only accessible via its IP address since the dot-kp DNS (Domain Name Service) was still under the control of KCC Europe.

But that changed in December “in light of the continuing lack of operation of the dot-kp,” said the IANA report.

The Korea Computer Center supported giving Star JV interim control of the dot-kp domain and the first websites began using North Korean domain names in January this year.

The change was made official in May when the IANA database was updated to show Star JV as the coordinator of the domain.

Several attempts to contact Jan Holtermann, the German businessman that ran KCC Europe, both for this story and previous stories have proved unsuccessful. German company records show KCC Europe was dissolved on Jan. 31 this year.

ORIGINAL POST (2011-5-5): According to Martyn Williams:

Control of North Korea’s dot-KP Internet top-level domain has been assigned to Star JV, the North Korean-Thai joint venture that’s behind the recent wiring of Pyongyang to the global Internet.

The Internet Assigned Numbers Authority (IANA), which administers country code domains, updated its database on Monday, May 2, to assign the KP domain to “Star Joint Venture Company.”

This means control for the KP domain now rests with Star JV. Star took control of North Korea’s Internet address space last year and has been building up the North Korean Internet.

Switch of control to Star doesn’t come as a surprise as the company started issuing dot-kp domains in January this year. It’s a further sign that the joint venture between the North Korean government and Thailand’s Loxley Pacific is now responsible for the DPRK’s Internet links with the rest of the world.

The administrative and technical contact details are now listed as:

President
Star Joint Venture Company
Potonggang2-dong, Potonggang District
Pyongyang
Democratic People’s Republic of Korea
Email: mptird@star-co.net.kp
Voice: +8502 381 3180
Fax: +8502 381 4418

That’s the address and contact details of the international relations department of North Korea’s Ministry of Posts and Telecommunications.

The website for domain name registration is listed as www.star.co.kp. This website came online in the last few weeks, but it’s still being built.

Administrative control of the domain name was previously held by the Korea Computer Center with technical control in the hands of Jan Holtermann, the German businessman who previously ran a satellite-Internet connection to the country.

Martyn has been keeping an eye on the Star JV co for some time.  See here, here, and here.

Previous posts on the Korea Computer Center are here.

According to Bloomberg:

North Korea was responsible for paralyzing the National Agricultural Cooperative Federation’s computer network in April in a second online attack in two months linked to the Kim Jong Il regime, South Korean prosecutors said.

Hackers used similar techniques employed in cyber assaults that targeted websites in South Korea and the U.S. earlier this year and in 2009, the Seoul Central District Prosecutors’ Office said in an e-mailed statement today. The Unification Ministry criticized the “provocation” and urged North Korea to stop such attacks immediately.

The network of the bank better known in Korean as Nonghyup was shut down on April 12, keeping its almost 20 million clients from using automated teller machines and online banking services. In all of the three bouts of online attacks, a method called “distributed denial service” was used, according to the statement.

Under the DDoS tactic, malicious codes infect computers to trigger mass attacks against targeted websites, according to Ahnlab Inc. (053800), South Korea’s largest maker of antivirus software.

Nonghyup will spend 510 billion won ($477.2 million) by 2015 to boost network security, the bank said in an e-mailed statement. The company received 1,385 claims for compensation related to the network disruption as of May 2, and 1,361 of them have been settled, according to the statement.

North Korea’s postal ministry was responsible for the 2009 attacks, Won Sei Hoon, head of South Korea’s National Intelligence Service, told lawmakers in October that year.

Attacks in March this year targeted 40 South Korean websites, including at the presidential office, the National Intelligence Service, and Ministry of National Defense. They were traced to the same Internet Protocol addresses used in the 2009 episodes, South Korean police said last month.

The hackers prepared for the April 12 attack on Nonghyup for more than seven months, the Seoul Central District Prosecutors’ Office said today.

According the Hankyoreh:

Prosecutors stated that a notebook computer belonging to an employee of the company managing the Nonghyup server became a so-called “zombie PC” after being infected in September 2010 by malicious code distributed by the North Korean Reconnaissance General Bureau, and that North Korea subsequently operated the notebook remotely to attack the Nonghyup computer network.

North Korea did not initially target Nonghyup, but the bank was exposed as a result, prosecutors explained.

As bases for this conclusion, prosecutors cited the fact that one of the IP addresses for the server ordering the attack was confirmed to be administered by the North Korean Reconnaissance General Bureau, along with the strong similarity between the malicious code and distribution methods with previous DDoS attacks concluded to be North Korea’s doing.

Some experts at security companies reacted with skepticism to the prosecutors’ contentions. One expert questioned the explanation that the parties behind the attack used the same overseas command server employed by hackers in the DDoS attacks for operating zombie PCs, noting that its IP address was blocked through the Korea Internet Security Agency.

A computer systems design expert said, “The back door program on the notebook used in the attack could not function if linked with Nonghyup’s internal network, which is cut off from the Internet.”

The argument is that it would have been effectively impossible for an outside party to precisely determine and attack Nonghyup’s computer system structure and work currents and those notebooks authorized for top access without assistance from an inside party.

When questioned about their evidence of North Korea’s direct involvement, prosecutors reiterated that they could not disclose the information because it was related to national security.

The story was also covered by the Daily NK and the AFP.

The Choson Ilbo reports that 200 additional infected computers have been discovered.

Authorities have discovered 200 more so-called zombie computers that have been infected with viruses North Korean hackers planted in September last year. They came across them in the process of investigating the laptop computer of an IBM employee that was used to paralyze the computer network of agricultural cooperative lender Nonghyup.

Prosecutors said Monday that the National Intelligence Service identified 201 port numbers that have been infected with viruses so that they can serve as zombie computers, and the IBM employee’s laptop is one of them. This means not only Nonghyup but any state agency could be the target of a North Korean cyber attack.

Growing Sophistication

South Korean authorities and computer experts say the Nonghyup incident demonstrates the increasing sophistication of North Korea’s cyber warfare capabilities. During a so-called distributed denial-of-service attack on July 7, 2009, North Korean hackers used 435 servers in 61 different countries to spread just one type of virus. During a DDoS attack in March this year, 746 servers in 70 countries were used to plant more than three different types of viruses. The cyber attack against Nonghyup involved a different virus which directly infiltrates the computer network of a bank and deletes not just data but its own tracks as well.

Authorities say finding the 200 zombie computers is as difficult as locating a mole planted by North Korean intelligence. As long as the zombie PCs remain dormant, it is impossible to trace them.

The Korea Herald raises points of skepticism:

Despite prosecutors’ announcement pinpointing North Korea as the culprit for the April 12 cyber attack, security experts say that it is difficult to identify its instigator given the complicated nature of the hacking process.

On Tuesday, investigators at the Seoul Central District Prosecutors’ Office said the Reconnaissance General Bureau, the North’s premier intelligence body, orchestrated the “unprecedented cyber terror” that paralyzed the banking system of the National Agricultural Cooperative Federation, or Nonghyup, for several weeks.

They said that the conclusion came as the methods used in the previous two cyber attacks on a number of key South Korean government and business websites in July 2009 and in March last year were similar to the ones used in last month’s attack.

They also stressed that one of the Internet Protocol addresses used in the attack on the cooperative was identical to that used in last year’s attack.

Experts, however, said that evidence of North Korea’s involvement in the worst-ever cyber attack was too “weak” and only based on “circumstantial assumptions” and that the case could remain unaddressed forever given that identifying the hackers is extremely difficult.

First of all, experts pointed out that hackers usually change IP addresses frequently or use someone else’s address to disguise their identity. Thus, an IP address cannot serve as credible evidence to identify the culprit.

“It appears that prosecutors believe the owner of an empty house with a certain address is the thief who broke into the house while the owner is away,” said a security expert in a media interview on condition of anonymity.

Prosecutors also presented a Media Access Control address which was found on a laptop computer used by the North to launch the attack as evidence. But experts say that the address cannot be reliable as it kept changing on the Internet.

The hacking methods similar to the previous North Korean attacks cannot be clear evidence, either, to hold the North responsible, experts added. They said hackers tend to copy effective methods used by others.

During the announcement, investigative authorities stressed that they could not reveal all pieces of “critical” evidence to the public, citing security concerns. However, their concerns fail to ease doubts over whether the weeks-long result of the prosecutorial investigation is credible.

The North has long focused on cyber warfare. It is known to have established many college-level institutions to produce hackers and stationed cyber warfare personnel in China. The North has used cyber attacks to spy on South Korean government bodies or glean crucial intelligence.

Read more about the DPRK organizations thought to be responsible here.

There are two KCNA web pages.  The older one is run by the Chongryun in Japan (here). The newer one is managed by the Korea Computer Center (KCC). This newer web page was recently updated. It went off line a few days ago and emerged today with a different format. You can see a screen shot above.

The URL is slightly different.  The previous version of the KCC’s KCNA web page was http://www.kcna.kp/kor.  The new one is simply http://www.kcna.kp. The default language is Korean, but if you can read a little Korean, you can find the language settings and change the language to:

English: http://www.kcna.kp/goHome.do?lang=eng

Spanish: http://www.kcna.kp/goHome.do?lang=spa

Japanese: http://www.kcna.kp/goHome.do?lang=jpn

Another great change has been the addition of a reasonably functional search bar.  The older Chongryun KCNA web page has no search function (Hooray for the Stalin Search Engine).  The previous version of the KCC’s KCNA web page contained a search bar that was too small to type “Kim Jong il”.  Now you can do a search for “The Great Leader Comrade Kim Jong il”–which produces one result.

No doubt Martyn Williams will have more to say about this page when the sun gets to his side of the planet.  Today he reports on the launch of the DPRK’s new Voice of Korea web page.

Below are some recent posts on the DPRK’s moves to the internet:

KCNA re-launched on DPRK-owned IP address

Hackers find creative way to celebrate KJU birthday

DPRK organization opens Twitter account

Uriminzokkiri on Youtube

Naenara, TaeMun, and KCNA get new URLs

Martyn William’s list of DPRK web pages

According to Yonhap:

North Korea has begun to demand that every personal and electronic storage device in the country be registered in an apparent effort to crack down on outside information that may contain sensitive news about Middle East uprisings, a government source said Friday.

The measure took effect early this year and has led to the confiscation of a considerable number of electronic devices, the South Korean source said, declining to be identified.

The communist country is also allowing its notoriously harsh policing organ to have the right to approve the use of a mobile phone by an individual, the source said.

More than 300,000 mobile phones are believed to be in use in North Korea, which strictly controls the flow of information in and out of its territory in an effort to keep its 24 million people brainwashed and make them conform to the regime.

And according to the Straits Times (Singapore):

Pyongyang has ordered institutions and households to report on how many computers and even portable data storage devices such as USBs and MP3 players they own, early in 2011, according to a Seoul government source.

The North Korean police agency is in charge of keeping track of the IT gadgets possessed by everyone, presses criminal charges against those who failed to report and even confiscates many of the gadgets, the source said.

…

The reclusive communist state has been running a unit of authorities for years to crack down on North Koreans watching South Korean soap operas or foreign movies, which they call ‘non-socialist video’.

Pyongyang is also reinforcing a crackdown on use of cellphones and the Internet. It is estimated that more than 400,000 mobile phones are being used in North Korea. North Koreans are required to get government permission to use cell phones. They are also banned from bringing them into the country or using cell phones bought overseas.

Foreign members of international non-governmental organisations working in North Korea were also told to follow domestic regulations on cell phones.

It appears that the DPRK is attempting to treat these products the same way it has treated radios for decades.  Lankov writes in his book, North of the DMZ:

Certainly, a person with some technical knowledge can easily make the necessary adjustments and transform such a receiver into a real radio. To prevent this from happening, the police undertake periodic random inspections of all registered receivers. Controlling the correct use of radio receivers is also an important duty of the heads of the so-called people’s groups or inminban. The head of an inminban can break into any house at any time (even in the dead of night) to check for the possible use of a non-registered receiver.

If a North Korean has access to foreign currency, he or she can buy a foreign-made radio set in one of the numerous hard-currency shops. However, after purchase the radio set was subjected to minor surgery in a police workshop — its tuning had to be fixed, so it could only receive official Pyongyang broadcasts (it appears this practice is declining in recent years).

The control was never perfect…

Of course it is questionable as to whether the inminban play a reliable role in “law enforcement” these days.  Instead, individuals in these positions seem to play an increasing role in shielding their residents from Pyongyang’s dictates rather than assuming a pure-exploitation position.  In the past we have seen how inminban effectiveness can affect local real estate prices.  Also, when the government needed to apologize for the disastrous “recent” currency reform, they did so in person to the inminban representatives.

Given the proliferation of electronic devices, particularly in Pyongyang, in combination with the capacity of local police to carry out this mission, I believe the actual result of this policy will be the registration of “some” electronic devices along with the hiding and bribing required to keep others off the books.  So inspection police just got a raise!

UPDATE 3 (4/1/2011): The International Civil Aviation Organization (ICAO) is considering measures against North Korea after the reclusive state was accused of jamming satellite navigation signals.  According to Flight Global:

The organisation is intending to co-operate with South Korea over the matter, says the Korean ministry of foreign affairs.

It follows a meeting between Korean foreign minister Kim Sung-Hwan and ICAO secretary general Raymond Benjamin yesterday.

The ministry says that ICAO has accepted its position of “pointing out the illegality” of Global Positioning System signal jamming by North Korea in early March, and that a “recurrence of such [an] incident must not occur”.

It also says that ICAO has agreed to “co-operate with Korea in taking necessary measures” should there be another incident, because North Korea’s action “threatens civil aviation safety, of not only Korea but also other countries”.

ICAO was not immediately available to comment on the foreign ministry’s statement.

UPDATE 2 (3/20/2011): According to Strategy Page:

Since the 18th, North Korea has been directing a GPS jamming signal across the border, and towards the southern capital, Seoul. The jamming signal can be detected up to a hundred kilometers south of the DMZ. The North Korea GPS jammers are based on known Russian models that North Korea bought and copied. The usual response for GPS jamming is to bomb the jammers, which are easy to find (jamming is nothing more than broadcasting a more powerful version of the frequency you want to interfere with). But such a response could lead to more fighting, so the south is still considering what to do. The jamming is a nuisance more than a threat, and most military equipment is equipped with electronics and other enhancements to defeat it. This is the third time in a year that the north has attacked the south. The first was the torpedoing of a South Korean warship a year ago, then the shelling of a South Korean island off the west coast last November. Now this jamming, and DDOS attacks on government websites.

UPDATE 1 (3/15/2011): According to Yonhap, the DPRK has rejected a letter of complaint from the South over GPS jamming:

North Korea on Tuesday rejected a letter from South Korea demanding that the communist nation stop sending jamming signals across the border, Seoul’s Unification Ministry said.

South Korea’s communications watchdog, Korea Communications Commission (KCC), asked the ministry earlier in the day to send the North a letter in which it complained of the trouble caused by disruptions to Global Positioning System (GPS) signals in the South.

South Korean officials have blamed North Korea for jamming the signals early this month in what they believe was an attempt to interrupt ongoing military drills between South Korean and U.S. forces. GPS-based mobile phones and certain military equipment in the South’s northwestern areas experienced minor errors due to the disruption, according to officials.

“Following KCC’s request, we tried to deliver to the North a letter of complaint written in the name of KCC Chairman Choi See-joong through the liaison office at Panmunjom,” the ministry said, referring to the inter-Korean truce village. “But the North’s liaison officer refused to receive it.”

In the letter, the KCC said it demanded that the North “instantly stop jamming activities and provide measures against similar incidents in the future.”

The commission also wrote that the jamming of GPS signals is “causing an inconvenience to our people and threatening their safety,” adding that such actions are “unacceptable” under International Telecommunications Union regulations. Both South and North Korea are members of the Union.

North Korea was accused of jamming GPS signals across the border last year, but this is the first time the South has tried to lodge an official complaint on the matter.

South Korea has already sought international action against the sabotage, with the foreign ministry sending a letter of inquiry to a United Nations agency in charge of information and communication technologies, a presidential official said earlier this month.

ORIGINAL POST (3/8/2011): According to the AFP (via Singapore’s Straits Times):

Seoul confirmed on Monday that North Korea has been trying since Friday to jam communications signals across the border, where the US and South Korea are holding a major joint military exercise.

Signals are being emitted from near the North’s border city of Kaesong to disrupt navigational devices using GPS (the Global Positioning System) north-west of Seoul, the Korea Communications Commission said.

They caused minor inconvenience on Friday and Saturday, it said, while weaker signals are ongoing. ‘Intermittent (GPS) disruptions are still continuing, although signals are weak,’ the commission said in a statement, adding that it was working with government agencies and security authorities to counter the jamming.

The South’s defence ministry confirmed the intermittent failure of GPS receivers last week, but refused to give details for security reasons. It was not clear whether the disruption caused problems to the war games.

The North’s military operates dozens of bases equipped for an electronic war to disrupt South Korean military communications, the South’s Yonhap news agency said. The communist country has imported GPS jamming devices from Russia, while South Korea uses French equipment to disrupt or monitor the North’s military communications systems, it said.

How do these kinds of attacks work and how effective are they? According to Wired:

North Korea is reportedly jamming Global Positioning System (GPS) signals in South Korea, possibly in an attempt to interfere with the U.S.-South Korean annual Key Resolve/Foal Eagle drills, which kicked off on February 28.

GPS jammers work by sending a signal that interferes with the communication between a satellite and GPS receiver. It’s a relatively simple operation, with relatively short-range effects. Thus far, cell phones used by civilians and troops and some military equipment have been put on the fritz by the disruption attempts.

But the juiciest target for the North’s jamming efforts would be the U.S. and South Korean arsenals of GPS-directed bombs.

If it works just right, the GPS jammer can cut off a satellite-guided bomb’s ability to guide itself to target. The bomb simply continues hurtling towards the ground in the direction it was when it lost contact with a satellite.

However, these weapons have other means of guiding themselves in the event of jamming. Take the Joint Direct Attack Munition (JDAM), a guidance kit that’s strapped to older, “dumb” bombs to make them more accurate. In addition to GPS, the JDAM kit comes equipped with an Inertial Navigation System (INS), which measures a bomb’s acceleration and uses the information to plot its way to a target. In the event a JDAM’s GPS signal is successfully jammed, it can rely on its INS to guide it, although accuracy is reduced from 5 to 30 meters.

That’s not the only backup for U.S. bombs. “Increasingly you see that there are multi-mode smart munitions that have both GPS and laser guided so that if one is not working, the other can,” says John Pike, a defense and aerospace expert and president of Globalsecurity.org.

Though he’s not familiar with the specific systems used by the North Korea, Pike says other incidents make him think the U.S. might not have much to worry about in this case.

“The jammings that I have been aware of in other instances I would place into the category of ’seriously annoying.’”

North Korea is believed to have both a GPS jamming system imported from Russia and a modified version its been shopping around the Middle East, according to South Korea’s Chosun Ilbo. Russia reportedly sold a GPS jamming system to Iraq on the eve of the second Gulf War. And in case you missed that one, jamming wasn’t much of an issue for U.S. bombs.

But jamming might not be the only info war trick North Korea’s been up to lately.

Last week, at least 29 websites were affected by a distributed denial of service (DDoS) attack, which targeted a number of South Korean government, U.S. military and private sector sites. At the moment, the origin of the web traffic flood remains unknown, but North Korea is widely suspected because of its prior history. In June 2009, South Korea intelligence attributed a series of DDoS attacks which targeted a similar portfolio of sites to North Korea.

Which organizations in the DPRK carry put these kinds of operations? The Choson Ilbo highlights the well known Mirim College for Electronic Warfare Research

Pictured above on Google Earth: Suspected initial location of the Mirim War College in Pyongyang (39.013904°, 125.877156°) (via Michael Madden).  Reports now indicate it has been moved to the other side of Pyongyang in Hyonjesan-guyok.

According to the Choson Ilbo:

Pyongyang began developing electronic warfare capabilities in 1986 when it founded Mirim University, the present-day Automation University, to train specialists.

A defector who graduated from the university recalled that 25 Russian professors were invited from the Frunze Military Academy in the former Soviet Union to give lectures, and some 100 to 110 hackers were trained there every year.

Mirim is a five-year college. The Amrokgang College of Military Engineering, the National Defense University, the Air Force Academy and the Naval Academy are also reportedly training electronic warfare specialists.

Jang Se-yul of North Korean People’s Liberation Front, an organization of former North Korean military officers and servicemen, recalled that when he fled the North in 2007, “I heard that the North Korean military has about 30,000 electronic warfare specialists, including some 1,200 personnel under two electronic warfare brigades.”

“Each Army corps operates an automation unit, or an electronic warfare unit.” Jang used to be an officer of a North Korean electronic warfare command.

Material published by the North Korean Army in 2005 quotes leader Kim Jong-il as saying, “Modern war is electronic warfare. Victory or defeat of a modern war depends on how to carry out electronic warfare.”

In a 2006 report, the South Korean military warned North Korean hackers could paralyze the command post of the U.S. Pacific Command and damage computer systems on the U.S. mainland.

Experts believe that the North’s 600 or so special hackers are as good as their CIA counterparts. They attempted in August 2008 to hack the computer of a colonel in South Korean Field Army headquarters. In 1999, the U.S. Defense Department said the most frequent visitor to its website was traced to North Korea.

Due to economic difficulties since the 1990s, the North Korean regime had a hard time boosting its conventional military capabilities and instead focused on strengthening so-called asymmetric capabilities that would allow it to achieve relatively large effects with small expenses. That includes not only nuclear and biochemical weapons and missiles but also special forces and hackers.

FAS has more on the Mirim-based school here.

A couple of years ago, the Daily NK mentioned another possible contender: Moranbong University

Pictured above on Google Earth: Korean Workers’ Party Building 3 complex in Pyongyang (39.057894°, 125.758494°)

According to the Daily NK:

Moranbong University, which is directly managed by the Operations Department of the Workers’ Party, is said to be leading technical developments in cyber war against foreign countries.

A North Korean source said in a telephone interview with Daily NK on the 10th, “I heard that the U.S. and South Korea were attacked. If it were confirmed that North Korea was responsible, it would have been by the graduates of Moranbong University.”

According to the source, since the mid-1990s, the Workers’ Party has been watching the worldwide trend whereby the IT field started dominating, and founded Moranbong University in 1997 in order to train experts in data-processing, code-breaking, hacking and other high-tech skills. The results of new student selections, curricula and training are reported only to the Director of the Operations Department, Oh Keuk Ryul.

The foundation of the University was spurred by the North Korean invasion of the South in Kangreung, Kangwon Province in 1996. 26 North Korean special agents tried to infiltrate South Korea after passing under the Northern Limit Line in a special, mini-submarine, but they were all killed or committed suicide after the operation failed. After that, there was a debate within the South Korean Liaison Office under the Operations Department of the Party about the sending of spies to the South and collecting intelligence through contact with resident spies in South Korean society. After listening to such suggestions, Kim Jong Il approved the establishment of the university.

It is a five-year university which selects 30 freshmen every year. The university makes every freshman a military first lieutenant. In sophomore year, students take courses in martial arts, shooting and other special skills, and then they take courses in assembly languages, wiretapping, code-breaking, and hacking.

Graduates are dispatched to the headquarters of the Operations Department of the Party or local South Korea Liaison Offices, where they are put in charge of collecting intelligence from intelligence organizations and the military of South Korea, the U.S., Japan, China and other neighboring countries, or demolishing programs.

Since 2003, more than 200 graduates from the University have started working for the Operations Department or as professors of Moranbong University. Some of them have been dispatched to China in order to train in international techniques or to earn foreign currency as Chosun Computer Center (KCC) workers.

According to the source, Moranbong Univeristy is better than Mirim University, the former main educational institution for North Korean hackers, in terms of equipment, technology and curricula. It is located in Jung-district, just across from the No. 3 Government Building, in which the United Front Department, the Liaison Department and the Operation Department are stationed. The real purpose of the university is not officially revealed even to general agents of the Operations Department, because it is treated as top secret.

The source concluded, “Wiretapping has its limits because of a lack of equipment, but they have world-class hacking technology.”

The Daily NK,  Choson Ilbo, and Strategy Page later posted additional information on these organizations.

South Korea is said to be seeking additional sanctions on the DPRK for these activities.  According to Yonhap:

But they said the North should not go unpunished for the sabotage, with a senior presidential official hinting at the possibility of seeking sanctions against the communist nation.

A charter of the International Telecommunication Union (ITU) bans a country from doing damage to electric waves of other nations. Both South and North Korea are members of the ITU.

The foreign ministry already sent a letter of inquiry to a United Nations agency in charge of information and communication technologies, the presidential official said on condition of anonymity.

Read the full stories here:
N. Korea launches electronic attacks on S. Korea
AFP (Straits Times)
3/7/2011

North Korea Jams GPS in War Game Retaliation
Wired
Adam Rawnsley
3/7/2011

N.Korea Trains Up Hacker Squad
Choson Ilbo
3/9/2011

Mecca for North Korean Hackers
Daily NK
Jung Kwon Ho
7/13/2009