Group of 13 North Korean defectors say they were ‘forcibly kidnapped’ by South

Pyongyang Restaurant in Jakarta, IndonesiaA group of 12 female North Korean restaurant workers and their male manager claim that their widely advertised defections in 2016 were fake, and that they were in fact abducted by South Korea’s spy services. The North Korean government maintains a chain of North Korea-themed restaurants throughout Asia, which operate as popular tourist attractions across Southeast Asia. The state-owned restaurants help provide the cash-strapped regime in Pyongyang with desperately needed foreign funds. The North Korean staff —almost all of them female— who work at these restaurants are carefully vetted and chosen to represent the reclusive regime abroad. Some observers claim that these restaurants serve “as a main front to conduct intelligence gathering and surveillance [against foreign] politicians, diplomats, top corporate figures and businessmen”.

In April of 2016, the entire staff of a North Korean restaurant in the Chinese city of Ningbo defected. They disappeared all of a sudden, and reappeared a few days later in South Korean capital Seoul, where South Korean authorities held a press conference. The South Koreans told reporters that the 13 North Koreans had decided to defect after watching South Korean television dramas, which allegedly caused them to lose faith in the North Korean system of rule. But Pyongyang dismissed the defections as propaganda and claimed that its citizens had been abducted by South Korean intelligence.

Now in a shocking interview published by South Korea’s Yonhap news agency, Ho Kang-il, the male manager of the North Korean restaurant in Ningbo said that he and his staff had been forcibly taken to South Korea. Ho told Yonhap that he had been approached by officers of South Korea’s National Intelligence Service (NIS) who tried to entice him to defect to South Korea. They told him that he could open a restaurant if he chose to lead a new life in the south. Initially Ho said he was interested in the offer. But when he appeared to change his mind, the NIS officers threatened to inform the North Korean embassy in China that he had been speaking with them. Ho also said that the NIS officers blackmailed his staff at the restaurant using similar methods. Consequently, all 13 of them decided to cooperate with the NIS, as they “had no choice but to do what they told [us] to do”, said Ho.

On Sunday, the United Nations’ Special Rapporteur on Human Rights in North Korea, Ojea Quintana, said during a press conference that the UN was concerned about the allegations made by Ho. He also said that some of the North Korean defectors had told UN personnel that they left China without knowledge of where they were being taken by South Korean intelligence. Quintana concluded his remarks by calling for a “thorough investigation” into the alleged abductions of the North Koreans.

Author: Joseph Fitsanakis | Date: 18 July 2018 | Permalink

Advertisements

North Korea asked Israel for $1 billion to stop giving missile technology to Iran

Thae Yong-HoNorth Korea offered to stop selling missile technology to Iran and other enemies of Israel in exchange for $1 billion in cash from the Jewish state, according to former senior North Korean diplomat who has now defected. The account of the offer can be read in Password from the Third Floor, a book published earlier this year by Thae Yong Ho. Thae, a member of a prominent North Korean family, defected with his wife and children in 2016, while he was serving as a senior member of the diplomatic staff of the North Korean embassy in London. News of Thae’s defection emerged on August 16, 2016, when a South Korean newspaper reported that he had disappeared from London after having escaped with his family “to a third country”. Thae later emerged in Seoul, from where he publicly denounced the North Korean regime.

Now Thae has written a book about his experiences as a North Korean diplomat from a family that is close to the country’s ruling Kim dynasty. In his memoir, Thae claims that he acted as a translator during a series of meetings between Son Mu Sin and Gideon Ben Ami, respectively North Korea’s and Israel’s ambassadors to Sweden. The alleged meetings took place in secret in the winter of 1999 in Stockholm, says Thae. During the first meeting, Son allegedly told Ben Ami that Pyongyang had a series of agreements to sell ballistic missile technology and know-how to Israel’s adversaries, such as Syria, Pakistan and Iran. However, the North Korean government would be willing to scrap the agreements in exchange for $1 billion in cash from Israel, said Son. Ben Ami reportedly told his North Korean counterpart that he would pass along his offer to the Israeli government. Three days later, says Thae, the two men held another secret meeting, during which the North Korean ambassador was told that Israel was not willing to pay Pyongyang $1 billion in cash. However, it could offer humanitarian aid of equal value. But according to Thae the North Koreans refused and “the talks ended without an agreement”.

It is believed that North Korea then went ahead and supplied both Syria and Iran with missile and nuclear technology. On Sunday, The Wall Street Journal reported that it contacted the government of Israel with several questions stemming from Thae’s account of the alleged diplomatic exchange of 1999. However, it received no response. The paper also tried to elicit responses from Ben Ami and Son, but had no success. According to The Journal, Ben Ami said during a television interview last week that he held three meetings with a group of North Korean officials in 1999. But he did not name the diplomats, nor did he discuss the subject of his conversations with them.

Author: Joseph Fitsanakis | Date: 10 July 2018 | Permalink

Senior North Korean counterintelligence official believed to have defected

Chilbosan HotelOne of North Korea’s most senior intelligence officials, who played a major role in building Pyongyang’s nuclear weapons program, has disappeared and is believed to have defected to France or Britain, according to sources. South Korean media identified the missing official as “Mr. Kang”, and said he is a colonel in North Korea’s State Security Department (SSD), also known as Ministry of State Security. Mr. Kang, who is in his mid-50s, enjoyed a life of privilege in North Korea, because he is related to Kang Pan-sok (1892-1932), a leading North Korean communist activist and mother to the country’s late founder, Kim Il-sung.

According to South Korean reports, Kang was in charge of North Korea’s counter-espionage operations in Russia and Southeast Asia, including China. He is also believed to have facilitated secret visits to Pyongyang by foreign nuclear scientists, who helped build North Korea’s nuclear weapons program. In recent years, Kang was reportedly based in Shenyang, the largest Chinese city near the North Korean border, which is home to a sizeable ethnic Korean population. According to reports, Kang led Unit 121, an elite North Korean hacker group based in Shenyang, with the aim of carrying out cyber-attacks without implicating North Korea. The South Korean-based DailyNK website said on Wednesday that Kang had been based at the Zhongpu International Hotel in Shenyang (until recently named Chilbosan Hotel), which has historically been operated through a joint Chinese-North Korean business venture and is known to host numerous North Korean government officials.

But according to DailyNK, Kang disappeared from Shenyang in February and is now believed to have defected, possibly “to France or Great Britain”. The Seoul-based website said Kang took “a lot of foreign currency with him” as well as “a machine capable of printing American dollars”. Following Kang’s disappearance, the government in Pyongyang launched a worldwide manhunt for him, sending at least 10 agents to assassinate him before he is given political asylum in the West, said DailyNK. Pang’s family, including his wife and children, are believed to still be in Pyongyang.

Author: Joseph Fitsanakis | Date: 3 May 2018 | Permalink

CIA is running informal negotiation channels with North Korea, say sources

Mike PompeoThe Central Intelligence Agency has reportedly established back channels for negotiation between the United States and North Korea, which the Department of State is now using to communicate with Pyongyang. Rex Tillerson, who was summarily fired as US Secretary of State by President Donald Trump last week, was famously in favor of diplomatic negotiations between the US and North Korea. The White House had resisted and even publicly criticized Tillerson’s views. Ironically, Tillerson was fired just as his pro-diplomacy views on North Korea are being adopted by the White House.

It is now the task of the new US Secretary of State, Mike Pompeo to help facilitate President’ Trump’s desire to meet with North Korean Supreme Leader Kim Jong-un. On Sunday, US television network CBS reported that Pompeo had already established an informal negotiation channel with Pyongyang during his prior post as director of the Central Intelligence Agency. According to CBS, the CIA used the back channel to communicate directly with the North Korean regime, bypassing the Department of State, which is the traditional instrument of US foreign policy. The network quoted “two current and one former” US officials, which it did not name.

Now that Pompeo has been placed in charge of the Department of State, said CBS, he has already tapped into the CIA’s direct line of communication with Pyongyang, and has begun utilizing it as Secretary of State. The CIA remains in charge of the channel, according to the television network. Meanwhile, German news media said on Sunday that North Korea’s missiles could now reach Germany and other areas of Western Europe. The reports quoted Dr. Ole Diehl, deputy director of the BND, Germany’s foreign-intelligence agency, who allegedly made the statement at a closed-door meeting of the Bundestag, Germany’s parliament.

Author: Joseph Fitsanakis | Date: 19 March 2018 | Permalink

US spy agency to help human rights groups monitor North Korea

NGAThe National Geospatial-Intelligence Agency (NGA), one of America’s most secretive spy organizations, will work with a number of human-rights groups to monitor human rights in North Korea, according to a senior NGA official. Formed in 1996 as the National Imagery and Mapping Agency, the NGA operates under the supervision of the US Department of Defense. It is tasked with supporting US national security by collecting, analyzing and distributing geospatial intelligence. It also performs a combat-support mission for the Pentagon. The agency collects most of its data from satellites, surveillance aircraft and unmanned surveillance drones. Headquartered in a vast 2.3 million square foot building in Washington, the NGA is known for its secretive nature and rarely makes headlines.

Recently, however, NGA data expert Chris Rasmussen told Foreign Policy that the agency is finalizing an innovative agreement to work with human rights groups on North Korea. Rasmussen, a longtime military analyst, said that the NGA would provide the groups with access to raw imagery collected through airborne reconnaissance, and would share with them analyses by its experts. The groups would also be able to use a digital imagery application developed by NGA for use by its analysts. The human rights groups specialize on human rights in North Korea and have in the past used commercial satellite imagery data to help locate mass execution sites and mass graves in the secretive Asian country. They have also been able to locate concentration camps and have evaluated the impact of natural disasters in North Korea. Now the NGA will share its intelligence collection arsenal with these groups, in an attempt to shed further light on the state of human rights in North Korea.

Rasmussen said he could not yet reveal the names of the human rights groups that the NGA is preparing to work with, nor give details about the precise topics that the collaboration would focus on, because the official agreements are still being formalized. However, he said that no US intelligence agency had ever worked so closely with human rights organizations. “This kind of collaboration has never been done before with an intelligence agency”, said Rasmussen. He added that the NGA is hoping to use this collaboration as an incubator to “expand to other areas” with human rights groups and think tanks.

Author: Joseph Fitsanakis | Date: 05 March 2018 | Permalink

North Korean leaders used fraudulent Brazilian passports to travel abroad

Josef PwagThe late Supreme Leader of North Korea, Kim Jong-il, and his son and current Supreme Leader Kim Jong-un, used forged Brazilian passports to secure visas for overseas trips and to travel abroad undetected, according to reports. The Reuters news agency cited five anonymous “senior Western European security sources” in claiming that the two North Korean leaders’ images appear on Brazilian passports issued in the 1990s. The news agency posted images of the passports, which appear to display photographs of Kim Jong-il and Kim Jong-un. It said that the two leaders’ faces had been verified through the use of facial recognition software.

The passports were issued in the name of Josef Pwag and Ijong Tchoi. Both bear fake dates of birth and list Sao Paulo, Brazil, as the passport holders’ birthplace. Both passports bear the issuance stamp of the “Embassy of Brazil in Prague”, Czech Republic, and are dated February 26, 1996. Reuters cited an anonymous source from Brazil, who said that the fake passports were not forged from scratch. They were in fact genuine travel documents that had been sent out in blank form for use by the Brazilian embassy’s passport issuance office. The Reuters report quotes an unnamed Western security official who said that the forged passports were mostly likely used by their holders to secure travel visas from foreign embassies in Southeast Asia, mostly in Japan and Hong Kong. They could also have been used as back-ups, in case the two Kims needed to be evacuated from North Korea in an emergency —for instance an adversarial military coup or a foreign military invasion. At the very least, the passports indicate a desire to secure and safeguard the Kims’ ability to travel internationally.

North Korea’s intelligence services are known for making extensive use of fraudulent passports. Readers of this blog will recall that the two female North Korean agents who killed Kim Jong-nam, Kim Jong-un’s half-brother, in February of 2017, had been supplied with forged passports. The two women, who are now in prison in Malaysia, were using Indonesian and Vietnamese passports.

Reuters said it contacted the Ministry of Foreign Affairs of Brazil, which said it was still investigating the whether the two passports were indeed issued to members of North Korea’s ruling family, and how they came to be issued. The news agency also contacted the embassy of North Korea in Brazil, but officials there declined to comment.

Author: Joseph Fitsanakis | Date: 01 March 2018 | Permalink

Previously obscure N. Korean hacker group is now stronger than ever, say experts

APT37A little-known North Korean cyber espionage group has widened its scope and increased its sophistication in the past year, and now threatens targets worldwide, according to a new report by a leading cyber security firm. Since 2010, most cyber-attacks by North Korean hackers have been attributed to a group dubbed “Lazarus” by cyber security specialists. The Lazarus Group is thought to have perpetrated the infamous Sony Pictures attacks in 2014, and the worldwide wave or ransomware attacks dubbed WannaCry by experts in 2017. It is widely believed that the Lazarus Group operates on behalf of the government of North Korea. Most of its operations constitute destructive attacks —mostly cyber sabotage— and financial criminal activity.

For the past six years, a smaller hacker element within the Lazarus Group has engaged in intelligence collection and cyber espionage. Cyber security researchers have dubbed this sub-element “APT37”, “ScarCruft” or “Group123”. Historically, APT37 has focused on civilian and military targets with links to the South Korean government. The hacker group has also targeted human rights groups and individual North Korean defectors living in South Korea. However, a new report warns that APT37 has significantly expanded its activities in terms of both scope and sophistication in the past year. The report, published on Tuesday by the cyber security firm FireEye, suggests that APT37 has recently struck at targets in countries like Vietnam and Japan, and that its activities have disrupted telecommunications networks and commercial hubs in the Middle East.

According to the FireEye report, aerospace companies, financial institutions and telecom- munications service providers in at least three continents have been targeted by APT37 in recent months. What is even more worrying, says the report, is that the hacker group is now capable of exploiting so-called “zero-day” vulnerabilities. These are software bugs and glitches in commonly used software, which have not been detected by software providers and are therefore exploitable by malicious hackers. FireEye said in its report that the North Korean regime will be tempted to use APT37 increasingly often “in previously unfamiliar roles and regions”, as cyber security experts are catching up with some of Pyongyang’s more visible hacker groups, such as Lazarus.

Author: Joseph Fitsanakis | Date: 21 February 2018 | Permalink