North Korea’s Bizarre Internet

Everything We Know About Internet in North Korea

North Korea — known as the Democratic People’s Republic of Korea (DPRK) — is a secretive and unpredictable place. Its 25 million residents live in a completely isolated environment, where information is tightly controlled by the state. And its citizens cannot enjoy simple things that we take for granted, from home-brewed alcohol to sarcasm.

Most North Koreans are banned from using the internet as we know it. The authorities control practically all information, and penalties for dissent are severe. Only high-ranking officials and university professors are granted access to the full internet without supervision. And even these people could well be too scared to take advantage of the privilege due to heavy monitoring. The only way for a regular citizen to get online is to use a black market device near the border, or to chance upon an open WiFi network.

This article pulls together everything we know about the internet in North Korea.

Access to North Korea’s Tiny Internet

With just 1,024 IP addresses, and just four networks, North Korea’s internet footprint is incredibly small. Doug Madory, director of internet analysis at Dyn Research, says that North Korea has around the same amount of internet traffic as one medium-sized office in the USA.

Kim Jong-il may have been a self-proclaimed “internet expert,” but he was less keen to allow citizens to embrace the web. Millions of North Koreans may not even know the internet exists, and those who do are likely rich, privileged, or in possession of devices that have been smuggled in from China. Many of the elites live in Pyongyang, a city made up of healthy and obedient citizens that are rewarded with some form of an urban lifestyle. This may include restricted internet use.

Bureau 27 is a North Korean government department dedicated to tracking down illegal internet use. Penalties for unauthorized internet use include internment in a Gulag-style camp — not just for the offender but their whole family. One defector, So-kyung, describes the likely outcome: “In a bad case, we would be sent to the political prison camp, where we would expect a long prison term. In a lighter case, we would be sent to a reform facility, and imprisonment would be for 1-2 years.”

The Internet Came Late — Decades Late

North Korea had no internet connection at all before 2003. High-ranking officials could get online, but only if they dialed a Chinese ISP. In 2003, a satellite connection was established, in conjunction with a German company, KCC Europe. Now, North Korea is connected via one fiber link to Dandong, via China Unicom, with a backup link likely provided by Intelsat.

Since 2009, the country has its own internet service provider, Star Joint Venture Co. It has no competitors. And home internet connectivity is more or less unheard of; the majority of the population likely does not have reliable power anyway. However, analysis suggests that the internet is being used more under Kim Jong-un, even if the number of users has not noticeably increased.

Internet cafes do exist, but are monitored. One, in Chungjin, is called the Information Technology Store, and runs computer classes. The price of lessons are prohibitively expensive for the majority of DPRK citizens.

Internet Is Available to Foreigners — But Still Censored

Foreign journalists were first granted open internet access in October 2010, but for many, access is provided via a proxy. Internet access is also available for foreign visitors at hotels and airports, as is shown in the video below.

However, due to a policy change in April 2016, Facebook, Twitter, and YouTube are all blocked. So are all South Korean websites.

Embassies are prohibited from offering WiFi connectivity, after open WiFi networks were suspected to be in use by citizens. In fact, open WiFi is such a rare commodity, it caused a 2014 housing boom, as people moved closer to the neighborhoods where embassies are located.

Offline Content Smuggled Into North Korea

North Korean citizens access legal and illegal media via DVD and other formats. The Notel is a common (and legal) DVD player in North Korea, which is popular for its small size and battery power. However, some citizens have access to black market versions of the Notel that include USB and SD card readers.

Organizations such as Flash Drives for Freedom and the Human Rights Foundation repurpose old USB sticks by loading them with foreign media, then smuggling them into the country. Defectors also distribute USB sticks using helium balloons, a way of distributing anti-DPRK materials, web content, and videos. Some North Koreans read offline copies of Wikipedia using this method.

The Fragile North Korean Internet

North Korea’s internet infrastructure is notably unreliable. The country’s entire internet presence has completely vanished on multiple occasions. And while some of these outages are known to be the result of hacks, many are thought to be entirely self-inflicted.

Outside Hacking

The most well-known outage came about after Sony pictures released the James Franco, Seth Rogen comedy The Interview. Sony’s servers were hacked in response. North Korea is thought to have its own government hacking squad, consisting of students from Kim Chaek University of Technology and Kim Il-sung University. But there was confusion as to whether the government was behind the hack. Cybersecurity experts voiced doubt that state hackers were responsible, despite media claims to the contrary.

Shortly before The Interview’s delayed (and limited) release, there was a complete outage of the North Korean internet. It lasted 10 hours. Although some pointed fingers at the US government, some believe the hack was likely carried out by a US hacker group that was unhappy that the movie had been pulled.

Some media reports claim that this was a “massive” outage. It was, but only in the sense that North Korea’s entire internet was affected. In real terms, it is likely that the majority of citizens would have experienced absolutely no consequences.

Internal Problems — Or Just the Night Manager?

There have been plenty of other complete internet outages, although not all are thought to be the result of hacks or DDoS attacks. In early 2016, Dyn Research noticed that the North Korean internet was going down at weirdly regular intervals. Doug Madory, the director of internet analysis at Dyn, thinks the cause could be wonderfully mundane. “Based on the timings, I would guess that a human was doing something at [11:45 pm local time] that included rebooting their router.”

If this is true, it adds credence to the theory that the entire country’s internet goes through a single switch.

North Korea’s Shockingly Tiny Web

The .kp top-level domain (TLD) was created in September 2007, and assigned 1,024 IP addresses. These IPs were not used until June 2010. The .kp TLD was administered by KCC Europe until 2011, when all .kp websites suddenly stopped working. They only reappeared when the DPRK switched its domain management to Star Joint Venture Co, the government’s relatively new ISP.

Matthew Bryant, a security engineer working for Uber, created  a script to capture data from North Korea’s DNS servers if global DNS zone transfers were ever enabled. In September 2016, it finally happened. North Korea temporarily changed the settings on its DNS servers, revealing all of the websites using the .kp domain. The grand total was just 28.

Live Websites

Here are the websites that appear to be functional:

Dead Websites

The DNS leak detailed 9 other domains that are not functional at the time of writing:

  • http://portal.net.kp
  • http://rcc.net.kp
  • http://rep.kp
  • http://silibank.net.kp
  • http://star-co.net.kp
  • http://star-di.net.kp
  • http://star.co.kp
  • http://star.edu.kp
  • http://star.net.kp.

Before the DNS zone leak, earlier reports mentioned another domain, http://lrit-dc.star.net.kp. This was thought to be linked to a datacenter called DPR Korea National Data Center. Right now, this domain is not functional, so it’s unclear whether the country has any form of datacenter in operation.

North Korea does own and operate websites outside its own country. It briefly ran a publicly accessible ecommerce site, Chollima, which launched in early 2008, but closed down less than 3 years later. It was hosted in China.

In 2002, North Korea launched a lottery site named DPRKlotto.com. It also ran a gambling site aimed at South Koreans, Jupae.com, which was eventually blocked. North Korea has owned, or is currently running, a selection of news sites hosted in Japan, China, and the USA.

The August Web Design of North Korea

On the majority of North Korean websites, the names of all three Supreme Leaders are displayed larger than the text that surrounds them. This appears to be consistent across most North Korean websites that we can access.

This effect is clearly visible on the Kim Il-Sung University website:

Increased font size

On the university website, the designers achieve this effect by using span tags that surround the leaders’ names. The span tag uses a CSS class named “august” that is defined as follows:


.august {
	font-size: 110%;
	font-weight: bold;
}

North Korea also has its own KPS 9566 character set (PDF). Within it, there are two variants of the DPRK party logo, and special characters to create the names of the Supreme Leaders.

North Korea’s Potential Internet Is Also Small

North Korea’s public IP address block is 175.45.176.0 – 175.45.179.255.

It also has block assigned via a Chinese provider, 210.52.109.0 – 210.52.109.255, and a second from Russian satellite company SatGate, 77.94.35.0 – 77.94.35.255.

To put this in perspective, a small US corporation would have a similar number of IP addresses. For example, IBM owns its own /8 block, which gives it 16,000 times as many IP addresses as North Korea.

According to Will Scott, who worked as a computer science instructor at the Pyongyang University of Science and Technology, there’s no obvious use of IPv6 yet.

NKNetObserver provides a detailed explanation of North Korea’s DNS, including some of the computers that are in use, and offers some of its log files for download. At least one Macbook has been detected using the internet, and there’s a huge amount of tantalizing detail, including evidence of the use of VMWare.

Intranet Foreigners Can’t Use — Nor Most North Koreans

Kwangmyong (or “Bright” in English) is North Korea’s “national area network.” It was launched in 2000, and is available only to North Korean nationals. No known locations have access to the internet and intranet at the same time.

Will Scott says that Kwangmyong is not supervised by officials as it is used. “I think you would find a surprising lack of technical surveillance on the intranet, due largely to the high level of self-censorship built into the collective psyche in the country.”

Experts believe less than 10% of the population have used Kywangmyong. The only information available about its content has been provided by defectors, or via videos and photos of computer labs.

Kwangmyong is managed by the Korea Computer Center, which actively develops and upgrades it. It offers email, newsgroups, translation, and search engine functionality. Anyone who sends an email must obviously expect their message to be screened.

Computers are extremely rare outside Pyongyang, so most people would use Kwangmyong in a library, university, hotel, or government department. If information cannot be found on Kwangmyong, users can ask an official to retrieve it from the wider internet, after the necessary security checks. The information will normally be returned to them within a few days — like retrieving a rare document from a government library in the west.

North Korean Intranet Is 100 Times Larger Than Internet

Organisations must have state permission to place a site on Kwangmyong. It has between 2,500 and 5,000 active sites, with its own DNS service. It uses URLs, but users seem to prefer typing in IP addresses directly, perhaps because they find the Roman alphabet difficult to use.

In July 2015, Aram Pan spotted a poster advertising a small selection of Kwangmyong intranet sites, along with their internal IP addresses. North Korea Tech provided some translations for these sites, along with the IPs that would be used to reach them on the country’s internal “national area network.” The list includes educational websites, universities, and government departments. Interestingly, some of the IPs use the space we would recognize as private (192.168.x.x, for example).

Other Services

North Korea has some form of connected e-learning system on a closed educational network. It provides live teleconferencing and archived video content, and allows files to be transferred between teachers and students.

High Tech Hardware in North Korea

North Korea is banned from importing many electrical goods. So goods from Apple or Samsung are rare. (Of course, Kim Jong-un has been seen using both an iMac and a MacBook Pro.) Most hardware is imported from China or Russia, and sold at electronic markets.

North Korea has its own state-approved PDAs. There are also several approved tablets. The Noul Android tablet and the Achim tablet have been superseded by the Samjiyon, developed by the Multimedia Technology Research Institute of the Korea Computer Center.

The Samjiyon has a 1.2 GHz CPU, 1 GB RAM, 8 GB storage, a front-facing camera, and a 7" screen. It runs Android 4.0.4 (Ice Cream Sandwich). The tourist who purchased it paid $200, which would be well beyond the reach of an average citizen. The WiFi has been disabled to prevent unauthorized internet access on the device. However, the Samjiyon does have an analog TV tuner, and an aerial that pops out of the side. Naturally, the TV tuner is locked to North Korean stations only.

North Korea’s Very Own Operating System

Red Star OS is North Korea’s state-approved operating system. It was first released in 2002, and was developed by the Korea Computer Center. The OS uses the Juche calendar. It appears to be use for some North Korean web servers (some appear to be running Windows).

Version 3.0 looks very much like Mac OS X — a shift from version 2.0, which looked like Windows.

Red Star OS is Linux based. It is thought to be a heavily modified version of Red Hat/Fedora. It runs a modified version of Firefox, called Naenara, and includes OpenOffice.

The whole system is designed with security in mind. It has no root, and is prone to rebooting itself if it detects tampering. Media files are stamped with a covert watermark to detect illegal distribution.

Every aspect of Red Star OS has been tailored to the North Korean market. In version 2.0, its startup and shutdown chimes were based on a traditional folk song, Arirang.

Will Scott gave a demo of RedStar v3.0 at the end of 2014, after purchasing a copy in Pyongyang for 25¢.

It is possible to download Red Star OS v3 via torrent, if you like living life on the edge.

Mobile Technology Is Surprising Widespread

North Korea has a checkered past when it comes to embracing mobile technology. It initially adopted mobile phones in 2002, only for them to be banned two years later when there was a suspected assassination attempt on Kim Jong-il, which was thought to involve a cellphone bomb.

Since 2008, the country has had its own 3G network, Koryolink, which is run with Orascom of Egypt. Koryolink now has 2 million subscribers. It is even advertised on television.

North Korean users cannot use 3G, or make international calls. However, phones are relatively common in Pyongyang. Citizens can buy a range of state-approved Android handsets, such as the Arirang and the Pyongyang 2407. These devices do not offer internet access via WiFi.

Kim Jong-un is thought to use a HTC device, rather than a state-approved handset.

Koryolink runs a separate network for tourists and press visitors. These users can access the internet via 3G. SIM cards can be purchased on arrival in the country, but these SIMs cannot call North Korean numbers, and can only dial internationally. Tourists can use their own SIM card from home, but there’s no roaming arrangement, so no internet access at all.

Some North Koreans can connect to 3G close to the Chinese border, using smartphones smuggled into the country from China.

Summary

North Korea may be a tightly-controlled country, but its capital city isn’t technologically unaware. The more privileged the individual, the more chance there is that they have some exposure to their domestic intranet, or even a controlled version of the wider internet.

Outside Pyongyang, the picture is far less clear. But access to western media is a crime punishable by death. And the use of an unauthorized mobile network is likely to result in up to 2 years’ hard labor.

Get Exclusive "Subscribers Only" Content

Join our newsletter & be first to hear when we publish new posts.

Get Exclusive "Subscribers Only" Content

Join our newsletter & be first to hear when we publish new posts.

Twitter Facebook

Discussion

What Do You Think?

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>