Russian Firm Provides New Internet Connection to North Korea

October 2, 2017 Last Updated: October 2, 2017

North Korea has opened a new internet connection with the outside world, this time via Russia, a move which cybersecurity experts say would strengthen the country’s internet and its ability to conduct cyberattacks.

North Korea has been blamed for several major cyberattacks in recent years, including against banks and Sony Pictures, as well as the WannaCry ransomware attack. Pyongyang has routinely denied any involvement.

Dyn Research, a company which monitors internet connectivity, said it had seen Russian telecommunications company TransTeleCom routing North Korean traffic since about 0900 GMT on Sunday.

Previous traffic was handled via China Unicom.

TransTeleCom could not be immediately reached to comment on the report.

Workers remove a poster-banner for “The Interview” from a billboard in Los Angeles on Dec. 18, 2014, a day after Sony announced was canceling the movie’s Christmas release due to a terrorist threat. Sony defended itself Thursday against a flood of criticism for canceling the movie which angered North Korea and triggered a massive cyberattack, as the crisis took a wider diplomatic turn. (Michael THURSTON/AFP/Getty Images)

North Korea‘s internet is limited to a few hundred connections. But these connections are vital for coordinating the country’s cyberattacks, said Bryce Boland, FireEye’s chief technology officer for the Asia-Pacific region.

Boland also confirmed the new connection, which was first reported by 38 North, a project of the U.S.-Korea Institute at Johns Hopkins School of Advanced International Studies (SAIS).

Boland said the Russian connection would enhance North Korea‘s ability to command future cyberattacks.

Many of the cyberattacks conducted on behalf of Pyongyang came from outside North Korea, using hijacked computers, he said, while those ordering and controlling the attacks remained inside, communicating to hackers and hijacked computers from computers within North Korea.

“This will improve the resiliency of their network and increase their ability to conduct command and control over those activities,” Boland said.

The Washington Post reported earlier that the U.S. Cyber Command has been carrying out denial of service attacks against hackers from North Korea. The operation was due to end at the weekend.