North Korea’s internet goes dark

Over the weekend, as North Korean officials demanded a “joint investigation” into the Sony attacks and denied culpability — an assertion the United States rejected — Internet service began to get wobbly. By early Monday, the Internet went as dark as one of those satellite photographs showing the impoverished country by night.

Given their limited connectivity, I wouldn’t be surprise if it could be taken down by a single computer at someone’s house.

Advertisements

27 million South Koreans affected by data breach | CSO Online

Even though I’m still or if the country,  I still keep tabs on things.

And hurray for being one of the most word countries in the world but still think Internet Explorer is a must have for banking!  Just goes to show that they really don’t understand security. This article is nothing new…

http://www.csoonline.com/article/2597617/data-protection/27-million-south-koreans-affected-by-data-breach.html

#North Korea revokes 3G web access for tourists after just a month

I think the whole world was surprised when NK announced that they would allow tourists to access the 3G network while there.  Then suddenly, the 3G option was shut down.

“3G access is no longer available for tourists to the DPRK,” Koryo Tours has said. “Sim cards can still be purchased to make international calls but no internet access is available.”

read whole article here

Now, let’s put a few things together shall we and see what you see.

Timeline of events:

  1. March 1 – North Korea to allow mobile internet for foreigners
  2. March 20 – South Korea hit by a cyber attack
  3. March 22 – South Korea misidentifies China as cyberattack origin
  4. March 25 – North Korea revokes 3G web access for tourists after just a month

A little bit of details about the attack itself.

“Discovering that the code was from China makes it more likely that the attack was from North Korea, because a lot of North Korean hackers operate there,” said Ryou Jae Cheol, a professor of computer engineering and securities at Chungnam National University. “Who else would be making this kind of attack at this scale and timing other than North Korea?” — Bloomberg Businessweek, March 21, 2013.

But wait….didn’t they back-peddle and say it was a mis-identification?

Does anyone else here see the politics and ‘lets be nice to the whiny baby up north’ tactics being used?  I sure as hell do.

And gee…I wonder how they got access to remote machines….< he says, covertly pointing to the March 1 link….>.

Smelling #Korean technical bullshit when I see it!

A little diagram of an IP address (IPv4)
A little diagram of an IP address (IPv4) (Photo credit: Wikipedia)

 

The recent cyber attacks on South Korea’s banks has made quite a stir in the media.  3 banks services were unavailable  for many hours with lingering effects still.  Yet when I see a line that supposedly explains the origins, and that line is total and utter bullshit….well, I’m gonna call it.

 

See,  they track who is attacking by IP address.  Sure it probably will not be a North Korea IP address and like many other types of attacks, such methods use systems in other places, countries.  So they originally blamed the attacked coming from a Chinese IP address.  Not surprising really, happens all the time.  In fact, there are certain services that blanket-block any/all Asian IPs because of things like this.  What really got me is the line where they played on people’s absolute ignorance of how networking works.

 

The IP address was used only for the company’s internal network and was identical to a public Chinese address.

 

There is a severe problem with this statement.  This situation is completely and utterly impossible to happen.  Out of all the original IP(version 4) addresses, 3 ranges are used exclusively to internal networking.  These 3 ranges are not ‘routable’, meaning you cannot use them to access the internet.

 

However, they cannot have IP connectivity to any host outside of the enterprise.
source - RFC1918

 

So, tell me. How can an internet network IP address possibly be the same as an IP address on some external network in China?  That’s right, it can’t.  Thus I call bullshit.

 

Still want to believe everything you read in your newspapers?

 

#North Korea Under Cyber Attack!

It seems that the meager Internet resources from the ‘noisy boys up North’ have been crippled by 2 days of continous attacks.

North Korea accuses U.S. of cyber attacks on its Internet servers

(Edit: of course they do!  Not saying they are wrong but this is kinda stating the obvious)

Given how little they use the Internet, is this really going to make much a difference?  I mean seriously, this would be like someone staging continuous drain on buying up all the CB radios.  No one really cares and in the long run, it really doesn’t affect much as far as infrastructure goes.  This will just piss them off, and give them more reason to do something stupid because that’s the only way this little standoff will even go anywhere.

North Korean students attend a rally held to show their willingness to enlist in the army March 14, 2013 in this picture released by the North’s official KCNA news agency in Pyongyang March 15, 2013.

REUTERS

SEOUL

North Korea accuses U.S. of cyber attacks on its Internet servers

JACK KIM

Published Friday, Mar. 15, 2013 07:58AM EDT

Last updated Friday, Mar. 15, 2013 08:00AM EDT

North Korea, usually blamed for hacking others, has accused the United States of staging cyber attacks against its Internet servers after reports of disruptions to its main news services, the latest twist from an increasingly bellicose North.

Russia’s Itar-Tass news agency said a “powerful hacker attack” from abroad had brought down Internet servers inside the North, disabling access to some websites.

The accusation comes at a time of increased tension between reclusive North Korea and South Korea, along with the South’s ally the United States.

The North has threatened a nuclear war with the United States in response to new United Nations sanctions over its latest nuclear test and to strike back at the South and the United States during military drills they are staging.

South Korea’s MBC television said the North’s state media services were among those affected by the cyber attack.

These included the websites of the KCNA news agency and the official Rodong Sinmun newspaper, which were said to be experiencing disruptions even though they were operating normally on Thursday and Friday.

“It is nobody’s secret that the U.S. and the South Korean puppet regime are massively bolstering up cyber forces in a bid to intensify the subversive activities and sabotages against the DPRK,” KCNA said on Friday.

“Intensive and persistent virus attacks are being made every day on Internet servers operated by the DPRK,” it said.

The Democratic People’s Republic of Korea, or DPRK, is the North’s official name.

KCNA and Rodong Sinmun have carried the North’s increasingly strident rhetoric of late, accusing the United States and South Korea of staging preparations for war and vowing to scrap the armistice that stopped fighting in the 1950-53 Korean War.

The North has also threatened to use nuclear weapons against what it called hostile forces.

North Korea in turn has been blamed for spreading malicious software that crashed the websites of government agencies and businesses, and for a cyber attack on a South Korean state-run bank server in 2011 that took more than a week to restore.

North Korea denies charges of cyber attacks and accuses the South of a conspiracy to fuel confrontation, although defectors from the North have warned that Pyongyang was recruiting thousands of computer engineers to its cyber warfare unit.

Military experts said cyber warfare was a major threat from North Korea, along with its conventional forces and its weapons of mass destruction program, that posed a security risk to utilities and communications networks in the South.

North Korea also has been accused of jamming global positioning system signals affecting hundreds of flights at South Korea’s main airport.

Earlier this week, U.S. spy agencies said for the first time that cyber attacks and cyber espionage had supplanted terrorism as the top security threat facing the United States.

The United States and China also are embroiled in a row over cyber warfare, with U.S. President Barack Obama calling his Chinese counterpart Xi Jinping to discuss the issue this week.

© 2013 The Globe and Mail Inc. All Rights Reserved.

Internet in #Korea

I’m afraid I have been spoiled…even on the cheap plan.  We are paying a whopping $20/month (3 year plan) and my speed is about 5 times faster than the fastest internet I could get when I was back in Canada where it was costing me $80/month.  So in essence, I am getting 20 times the value on the cheapest plan.  This is rated at 50Mb/second.  Just so we are clear.  That is MegaBITS(Mb) and NOT MegaBYTES(MB).  To put it in layman terms, an average DVD could technically be downloaded in about 2 minutes(assuming a 700MB file size).  Remember, this is their cheapest plan!  Next step up would be 100MB/s which means a DVD could be downloaded in 1 minute.

Now, moving is interesting.  Koreans are really good at customer service and it is pretty top-notch here.  We had to put our internet on hold until we have an address of our new place.   Our provider (KT, Korean only) allows you to put your Internet on hold up to 3 times in one year and for a maximum of 90 days each time.  Way more than most people need I think but awfully damn handy if you are a person who travels a lot for work/pleasure.  So with a bit of language-fumbling around, a few phone calls to friends and/or translation service, we managed to put our internet on hold and then go to the local office here and tell them our new address.

Today the Internet guy comes and apparently he can’t use the current setup.  He has to run a line to our place.

Now, I have to take a break and explain the construction of apartments here for a moment.  Remember that post where I briefly touched on the extreme conservatism that is pervasive here in Korea?  Well that idea applies to nearly everything here and I DO mean everything.  Including the construction of buildings.  In order for the technician to run a cable to our place, it literally will run from the top of the building, along the outside of the wall, and he has to drill a hole and feed it inside to our apartment.  Typically they drill holes through the vinyl frame of the windows and just seal it up with silicone.

Now, he asked me if it was ok to do this.  Well, I can’t just say yes because I’m not the owner of the building.  I have to get permission.  Sure it is probably just fine but I am not going to just assume that.  Koreans(Asians in general?) don’t like you doing things without asking first.  Even if you know they will say yes, they want the opportunity to be able to give you permission.

So now I have to wait and go through a long chain of people to get this number so permission can be had.  The chain, in case you were wondering, goes like this: Me -> Wife -> Supervisor -> Owner.  At lest, I hope it’s only this short.  At least we’ll have the number for next time, should anything come up again.  We will see what happens on Monday when he comes back.

North Korean hackers

“(5th LD) Transition team retracts announcement on N. Korea’s suspected hacking attempts | YONHAP NEWS”
http://english.yonhapnews.co.kr/national/2013/01/17/56/0301000000AEN20130117011200315F.HTML.

It is near comical to see this kind of news. Not the first time that North Korea has been implicated in hacking attempts but I am highly amused at the back-peddling the South Korea is now doing. “misunderstanding” is like the new politically correct word for “don’t upset North Korea”. I have no doubt in my mind, that North Korea had done having, why wouldn’t they? They are still at war with South Korea as no peace treaty has ever been signed.

” The official asked reporters to run antivirus programs and change passwords more often.”

This is laughable advice at best.  Having been in the IT industry for over 10 years and passwords and seeing the vast majority of people who have so many problems with passwords, this advice is doomed before it is heard. In fact, I wouldn’t be surprised that the main way for North Korea to get “in” is through the media.

For a few months i had set up a file server so i coupe get at any of my files while i was out of the house. I saw a nearly endless, daily attempted break-ins from chinese ip addresses. Heck, they even once cracked myth mobile provider and all my Google passwords were being routed through a Chinese server. Luckily that was the same day i decided to enable 2-step verification worth Google. For the next 4 days i was very annoyed that i kept having to enter a pin number and thought that this 2-step security thing was a pain in the ass. That was until I put the two incidents together and realized that was Google saving my butt from Chinese hackers!

It just stands to reason that North Korea would do exactly that. Hell, they could entirely be the ones behind that last hack i just mentioned.

Google & North Korea

This post crosses a few interests of mine.  Namely, Google, North Korea, Conspiracy Theory-made-manifest.

If you weren’t aware, Google’s Eric Schmidt (and ex-New Mexico Governor) Bill Richardson flew to North Korea.

google-north-korea
Schmidt & Richardson watching a North Korean using the Internet. Photo courtesy of WSJ.

Word has it that the Richardson is pressing for the release of Pae Jun Ho, an US Citizen, for “Unspecified Crimes“.

What should concern people is that right now, tensions are a little high after the missile launch and the threat of a nuclear test being performed we don’t have an official GOVERNMENT visit to work things out (although, given the history of such and the following obvious failures…) we have CORPORATE interests gallivanting about the world, making ‘nice, nice’ with ugly neighbours.  Seriously, this smacks of the whole shift from a Democratic rulership to a Corporatocracy.  It’s not like we weren’t warned about this, publicly, in the 70’s.

This movie is one of my favourites and this scene is nearly as famous as the “Mad as Hell” scene.

So, back to my current northern neighbours.  What do you think the outcome will be?  Will Google be allowed inside the ‘hermit kingdom’?  That place where the Internet is so tightly controlled that only a select few are allowed to use it?  Somehow I doubt that will change anytime soon, given how tightly controlled the state media is.  Or should I say manipulated?  Were you aware that North Korea WON the World Cup in 2010?! (Despite Spain actually winning it seems.)

So what to the South Koreans think of the North Koreans?  Oddly not much.  There is a well know pattern that North Korea hypes up some event, threatens ‘Seoul’ with retaliation and then….fails to follow through. North Korea is like the boy who cried wolf all the time.  Sure some ‘spikes’ of interest show up (Kim Jong Il dying, Rocket launch) that get people to talk a little bit, otherwise North Korea is fairly well ignored by the southern populace.

I have met some Koreans whose families originate from North Korea (English teachers from South Africa actually) and they don’t seem any different from any other regular Korean really.  So it’s back to the big, egotistical Military types running the place and making big chest-pounding displays of strength while the rest of the people go ‘meh’.

Daily View of Korea

One might think that living in Canada or the US you have the ‘ultimate freedom of expression’. It is true that ‘westerners’ have much more liberty at their fingertips that much of the rest of the world. The problem is the censorship that does happen is simply in the form that you are not aware of. It happens quietly, sneakily and it is pretty scary once you realize it. For the moment, I won’t be dwelling on it. Here in South Korea, such banning is rather blatant.

There is still a great fear in the upper echelon of Korean Society that they believe there is information out there that will harm their society. Eventually they will realize that people can make up their own minds but that is probably a loooooong way off. Tradition is hard to kill and the Koreans have been around for a very long time.

Want to know what site was banned? A travel site. What? Yeah a British travel site that provides tours to North Korea. Here’s part of the article explaining.

A British-run travel agency which specialises(sic) in tours to North Korea disclosed Monday that South Korea was blocking its website because of alleged pro-Pyongyang material.

AFP article via Google

There are actually two sites and they are www.koryogroup.com and www.koryotours.com. Now, anyone outside of Korea should be able to view them without any hindrance. I, however, using my regular channel get the above screenshot unless I do some techno-wizardry.

If you want to learn how to get around such bans and censorship, I would highly recommend you learn about Tor from EFF. Read and become illuminated.

Daily Image of Korea

So I am guessing many of you are wondering what the heck a wifi router is doing on a bus. Glad you asked. Internet service providers and cell phone service providers offer an extended service, that being access to their wifi hotspots around town. This includes many coffee shops and fast food places. It’s super handy if you just want to simply extend your home service without having a data plan on your cell phone. Or maybe the connect is just faster due to some network traffic over the 3G/HSPDA connection. In either case, it’s another indication of how far advanced connectivity is here.