North Korea now has two ways to get on the internet, thanks to a new connection from Russia, according to cybersecurity outfit FireEye Inc.
Russian telecommunications company TransTeleCom opened a new link for users in North Korea, Bryce Boland, chief technology officer for the Asia-Pacific region at FireEye, said in an interview on Monday. Until now, state-owned China United Network Communications Ltd. was the country’s sole connection. Boland was confirming an earlier report by website 38 North that said the Russian connection went live on Sunday.
The news comes at a time when China, North Korea’s chief financial backer, faces increasing pressure from the U.S. to force Kim Jong Un to halt his nuclear weapons program. U.S. President Donald Trump has threatened to destroy North Korea if the weapons dispute leads to war. The Washington Post reported Saturday that U.S. Cyber Command has targeted hackers in North Korea’s military spy agency by barraging their computer servers with traffic that choked off internet access.
“Having an additional loop via Russia gives North Korea more options for how they can operate and reduces the possibility for the United States to put pressure just on a single country to turn off their internet connectivity,” Boland said. For Russia, it offers “visibility into North Korean network traffic that might help them understand what North Korea is up to.”
The latest sanctions against North Korea are focused on oil and gas supplies, and don’t call for China to cut off internet access.
TransTeleCom, a unit of state-owned Russian Railways JSC, is one of the country’s five largest communications service providers, according to its website. The company operates a fiber optic network that runs along railway lines and stretches from Vladivostok to St. Petersburg. TransTeleCom “has historically had a junction of network links with North Korea” under a 2009 agreement with Korea Post and Telecommunications Corp, the company’s press office said in an emailed statement that offered no other details.
FireEye confirmed the availability of the new connection by checking routing tables, which act like a phone book for servers that control where to send traffic going from one place to another. The additional link may have more than doubled North Korea’s bandwidth, Boland said.
North Korea has been stepping up efforts to secure bitcoin and other cryptocurrencies, which could be used to avoid trade restrictions including new sanctions approved by the United Nations Security Council. FireEye has traced hacks of South Korean bitcoin and ethereum exchanges to North Korean operators. The incidents — including one in May that coincided with an exchange’s $15 million loss — show the difficulty in denying cash to a regime with years of experience circumventing sanctions.
“It’s good news if you are in Pyongyang and use the internet to attack other countries,” Boland said. “You now have higher resilience and higher bandwidth for your operations.”