Internet analysts began noticing routing databases pick up TransTeleCom-provided connections for North Korea around 5:30 p.m. local time on Sunday, The Washington Post reported. Analysts say the new connection is handling around 60% of the country’s internet traffic, according to Reuters.
TransTeleCom would not confirm any routing deal with North Korea, Reuters said, only acknowledging that it “has historically had a junction of trunk networks with North Korea under an agreement with Korea Posts and Telecommunications Corp signed in 2009,” a company statement read.
Although the deal may seem like an enlightening step for a nation that typically bars its citizens from accessing outside information, the internet connection isn’t the country’s only link to the outside world. China Unicom, a state-sponsored Chinese telecommunications company, has been providing the internet in North Korea for seven years — the content is heavily censored by the government and access is generally limited.
Like many of North Korea’s technological developments, the additional internet connection may come with significant risks for the rest of the international community. Cybersecurity experts worry that the additional connection could be used for future North Korean cyberattacks, or become a defensive barrier to such attacks launched from countries North Korea considers hostile, including the US and neighboring South Korea.
“In practical terms, [having multiple connections] will allow additional resiliency if one of those connections were to be rendered inactive for any number of reasons,” Doug Madory, director of internet analysis at Oracle Dyn, told The Post.
“Relying on one internet provider has always left North Korea in a precarious situation,” Martyn Williams, an expert on North Korean information technology, said in a 38 North report. “More than once the link has been the target of denial-of-service attacks.”
“Most were claimed by the ‘Anonymous’ hacking collective, but on at least one previous occasion, many wondered if US intelligence services had carried out the action,” Martyn Williams continued.
The North Korean regime has good reason to implement a fail-safe for its internet. US Cyber Command, the US’s combatant command that deals with cyberspace operations, reportedly performed a denial-of-service attack on the Reconnaissance General Bureau — North Korea’s military spy agency — and disrupted the country’s internet. The operation ended on Saturday, before TransTeleCom’s internet went online, The Post reported.
“What I can tell you is that North Korea has itself been guilty of cyberattacks, and we are going to take appropriate measures to defend our networks and systems,” an anonymous senior official told The Post.
North Korea’s internet was also shut down during President Barack Obama’s second term in 2014, a few days after Obama indicated that a “proportional response” was warranted after evidence mounted of the regime’s involvement in the major Sony Pictures Entertainment hack.