Western researchers recently began sifting through troves of North Korean Internet data, looking for activity related to missile launches or malicious cyber activity within the famously isolated country.
What they found instead surprised them.
North Korea's tiny circle of elite families - among the few people in the country with unfettered access to the Internet - turned out to be strikingly like the rest of the world in their digital habits. They use their smartphones to check Gmail, call up their Facebook accounts and browse for goods at Amazon and Alibaba, a Chinese e-commerce company, according to a report to be released Tuesday and provided in advance to The Washington Post.
"These leaders are doing many of the same things that we do when we wake up in the morning," said Priscilla Moriuchi of Recorded Future, a threat intelligence firm that wrote the report. "They're not isolated."
These observations apply to only a tiny sliver of North Koreans because the vast majority of the nation's 25 million people are poor and have no access to the Internet. Even the few who have mobile devices - a number estimated as high as 4 million people - are confined to a heavily censored, government-run national network called Kwangmyong.
But some North Koreans do have direct access to the Internet through universities, select businesses and perhaps the homes of top government or military officials. Whoever they are, 65 percent of their overall Internet traffic was devoted to gaming and streaming online content. Among the most popular streaming services are China's Youku video-hosting service and iTunes.
North Koreans with Internet access have a particular fondness for Baidu, a Chinese search engine and Internet services firm, as well for a multiplayer online game called World of Tanks, the researchers found.
The researchers also found that few of the elites on the Internet in North Korea used virtual private networks or other tools for cloaking the origin of digital activity, although one iPad used a virtual private network "to check a Gmail account, access Google Cloud, check Facebook and MSN accounts, and view adult content," the report found. Other people with Internet access used virtual private networks to make purchases using bitcoin, follow Twitter and upload documents to Dropbox.
"If it's real, it's very interesting because it shows more access from North Koreans to the Internet and more access to information," said technology journalist Martyn Williams, who runs the North Korea Tech website from his home in Northern California.
Recorded Future, based in Somerville, Massachusetts, reached its conclusions by examining data collected by Team Cymru, a nonprofit Internet security research group, between April 1 and July 6 on three sets of Internet address blocks they think are used by North Koreans.
The trove of data probably did not include Internet use by foreign embassies or international groups based in the country, which typically use their own Internet links, the researchers said. But the data may have included some small amount of traffic from foreign journalists or other visitors to the country.
The findings track loosely with other research showing that North Koreans are more plugged in to global information flows than commonly assumed, said Victor D. Cha, a former White House North Korea expert and now a senior adviser to the Center for Strategic and International Studies, a Washington think tank.
He said interviews conducted with people living in the country have revealed alternative sources of information for North Koreans beyond government propaganda, and that people working in professional settings often speak privately of their frustrations with the regime of Kim Jong Un.
"There's a surprising level of awareness of the inadequacies of the government," Cha said.
The report by Recorded Future also shows that North Koreans are reaching the Internet through access available in India, Malaysia, New Zealand, Nepal, Kenya, Mozambique and Indonesia - all countries where North Korea also has at least some small base of operations through government programs, universities or other institutions.
Recorded Future researchers said they saw a "near absence of malicious cyber activity" from the North Korean mainland in the April to July time frame, which indicated to them that the regime is conducting most of its malicious activity from abroad. U.S. intelligence analysts say that North Korea conducts most of its cyber operations from outside the country - primarily in China, but from other countries, such as Malaysia, as well.
That is not to say that North Koreans don't use online resources to communicate about missile launches or unleash cyberattacks, such as the devastating WannaCry ransomware attack in May. The National Security Agency has assessed that the attack was conducted by Pyongyang, although the U.S. government has not publicly blamed the country. But those activities happen on networks beyond the reach of the data set studied by the researchers.
The intelligence analysts say that North Korea's Reconnaissance General Bureau, its military spy agency, has an overseas network of RGB-trained hackers and North Korean workers moonlighting as hackers. China has the single largest network of such hackers, said one analyst, who spoke on the condition of anonymity to discuss sensitive information. Many of these individuals operate in a gray area, as legal software developers abroad who moonlight as hackers for the regime, the U.S. intelligence analysts said.
"North Korean cyber activity abroad presents huge opportunities for the United States to put financial pressure on the regime via third countries to expel cyber actors and to reduce malicious cyber activity," said one U.S. intelligence analyst, speaking on the condition of anonymity to discuss matters not authorized for public comment.
The Washington Post
Wed Jul 26 2017
Men carry flags in front of the stand with North Korean leader Kim Jong Un and other officials in Pyongyang April 15, 2017. REUTERS/Damir Sagolj
'Tulisan jawi tiada kaitan Jelajah Perikatan Nasional' - MUDA Kelantan
MUDA Kelantan menegaskan tulisan jawi tertera pada sepanduknya adalah logo rasmi baharu cawangan itu, dan tiada kaitan dengan program Jelajah Perikatan Nasional (PN).
Ops Lebih Muatan: JPJ keluar 126 notis saman, 13 kenderaan barangan dikenakan tindakan
Sebanyak 126 notis saman dikeluarkan JPJ Pulau Pinang terhadap pemandu kenderaan barangan menerusi Ops Khas Lebih Muatan di sekitar negeri ini.
AWANI Ringkas: Bas terbalik di Lebuh Raya Karak
Ikuti rangkuman berita utama yang menjadi tumpuan sepanjang hari di Astro AWANI menerusi AWANI Ringkas.
Lelaki mengaku rogol, cabul anak kandung
Dia didakwa melakukan perbuatan itu di sebuah rumah di Kampung Seri Rahmat, Batu Gajah pada jam 10 hingga 12 malam, Februari lalu.
Piala Uber: Pearly ambil sudut positif jika tidak ke Chengdu
Pearly Tan tidak berasa kecil hati sekiranya beliau dan pasangan M. Thinaah, tidak disenaraikan ke skuad Piala Uber 2024 di Chengdu, China.
Bubur Lambuk Ayam Belanda hidangan istimewa di Kampung Parit Sikom
Istimewa Ramadan 2024, penduduk kampung Parit Sikom, Pontian, Johor menikmati hidangan istimewa, Bubur Lambuk Ayam Belanda, yang diedarkan sebanyak 500 pek .
Penguasaan asas teknologi AI sangat penting untuk pelajar
Penguasaan terhadap asas AI adalah perlu dan penting seiring dengan penguasaan 3M (menulis, mengira dan membaca).
Pasaran saham ST1 positif, dijangka berterusan sehingga H2
Pasaran FBM KLCI mencatat prestasi baik dengan pulangan sekitar 5.7%. Imran Yassin Md Yusof, Ketua MIDF Research, menjangkakan sentimen positif akan berterusan sehingga separuh kedua tahun ini. Sektor cemerlang termasuk utiliti, hartanah, dan pembinaan.
Peningkatan IHPR beri petanda positif kepada perdagangan
Menurut Pengarah Program MBA, Putra Business School (PBS), Prof Madya Dr. Ahmed Razman Abdul Latiff, prestasi Indeks Harga Pengeluar (IHPR) Pengeluaran Tempatan Malaysia yang meningkat pada Februari 2024 menyifatkan pertumbuhan perdagangan berada di tahap yang baik.
Jangan ambil tindakan sendiri, Malaysia ada undang-undang - KPN
Ketua Polis Negara, Tan Sri Razarudin Husain memberi amaran dan peringatan keras kepada orang ramai untuk tidak mengambil tindakan sendiri.
Jangan panik, hanya Gmail asas HTML sahaja akan dihentikan
Yang akan dihentikan hanyalah Gmail asas HTML (Gmail basic HTML) yang menggunakan rekaan asal perkhidmatan yang dilancarkan pada tahun 2024.
Gmail tingkatkan kemampuan tapis spam guna RETVec
Menurut Google, RETVec ialah penambahbaikan kepada sistem saringan e-mel dan sekuriti yang terbesar mereka lakukan setakat ini.
Aplikasi untuk bantu wanita henti guna perkataan 'Maaf' dalam emel
Perkataan 'Minta Maaf' atau 'Saya bukan pakar' dalam emel seakan melemahkan kuasa wanita di pejabat.
Oops! Gmail beri masa 30 saat untuk 'Undo Send'
Gmail memberikan tempoh sehingga 30 saat untuk membuat pembatalan sebelum ia dihantar kepada penerima.