The worldwide hacker collective Anonymous announced yesterday that it had hacked North Korean web servers and, among other things, the China-based North Korean propaganda site Uriminzokkiri.com, from which it claims to have stolen the data of around 15,000 users including their account names, hashed passwords, and birthdates.
But the Anonymous announcement also contained a rather bold claim for which the collective provided no supporting evidence:
We are inside your local intranets (Kwangmyong and others)
Kwangmyong is a North Korean intranet that was established in the year 2000. Although it operates much like the real internet — users use web browsers to surf pages, send emails, etc. — it is actually completely disconnected from the actual internet as a security control. Content from the internet appears on the Kwangmyong network if it has been selected, inspected, and approved by North Korean censors and there is no way to connect to it from outside North Korea. Given that, it seems rather unlikely that Anonymous has actually gained access to it, as North Korea Tech has pointed out.
Accessing Kwangmyong is not theoretically impossible; it might be accomplished by slipping some code past the censors who scan and scrub content from the world wide web before re-posting it to Kwangmyong. It also might be possible to infect the computers of North Korean officials who are privileged enough to have access to the “real” internet in addition to Kwangmyong (such access is not common and virtually unheard of for ordinary citizens).
Without any proof of such access, Anonymous’s claim seems dubious at best. The hacker collective seems to have thoroughly disrobed Uriminzokkiri, but that site is based in China and is not connected to the Kwangmyong intranet.