Last month WiC reported how a leading Hong Kong hotel has become a hangout for nervy Chinese businessmen (see WiC263). But now a hostelry in Shenyang is getting headlines, after rumours that it might be hosting an even more reclusive clientele.
The speculation is that the hotel is a hotbed for North Korean hackers, and perhaps even the team responsible for last year’s cyber attack on Sony Pictures, which saw the release of five movies to file-sharing networks and the leaking of thousands of confidential documents.
Because the hermit kingdom blocks the internet for its own citizens, the suspicion is that the regime has to send its experts abroad to do their best work. And one such location – if media reports are to be believed – is the Chilbosan Hotel in Shenyang (“a secluded yet well-connected location”, according to one of the booking websites).
The hotel was first cited in a study by a US military analyst five years ago, following reports from a North Korean defector that hackers were checking-in as guests. But the Chilbosan is getting new coverage as FBI sleuths try to track the perpetrators of the Sony incursion, and as sceptical voices question whether the Chinese – North Korea’s main link to the outside world – might have had a hand in the attack.
“I can’t imagine anything this massive happening in North Korea without China being involved or at least knowing about it,” Republican senator Lindsey Graham told CNN.
But Beijing swiftly denied the allegations. “China never allows any foreign country or individual to carry out cyber attacks from Chinese soil or by using Chinese facilities,” a foreign ministry spokeswoman said.
The White House has been careful not to link the Chinese publicly to the raid, asking instead for assistance in hunting down the hackers. “What we are looking for is a blocking action, something that would cripple their efforts to carry out attacks,” one US official told the New York Times.
Then again, collaboration is likely to be limited as cyber relations have been fractious since five Chinese officers were indicted for hacking American companies last May (see WiC241 for the political aftermath).
Are there any grounds for thinking that there were any collaborators in the strike on Sony? The fact that the raid was routed through Chinese IP addresses is no great surprise as the four networks connecting Pyongyang to the wider world all pass through Chinese territory. The hackers also left their digital fingerprints in other countries, with a security firm hired by Sony tracking activity in places as diverse as Thailand and Cyprus.
Nonetheless, unidentified American intelligence officials told Fox News that the “final stage of the attack” was initiated from outside North Korea and other news outlets have intimated that Korean hackers have been operating from satellite offices in China, including the alleged outpost in Shenyang.
There is also an unspoken assumption that China could hunt down the culprits more keenly if it wanted, deploying its Great Firewall (the security network that it uses to monitor the Chinese web).
Further, the software used in the hacking is said to be unexpectedly sophisticated, implying that the North Koreans are getting their training from others (although possibly not at Lanxiang, if the coverage of the infamous ‘hacker academy’ in WiC254 is accurate).
Sympathy for Sony was in short supply in the Chinese press, though. “A movie like The Interview… is nothing to be proud of for Hollywood and US society,” finger-wagged the Global Times. “The vicious mocking of Kim is only a result of senseless cultural arrogance.” And in a commentary piece, there was even advice for the hackers. “If they truly wished to intimidate Hollywood, they should have insisted that President Obama actually watch this vulgar, unfunny ‘farce’ before being forced to defend its release under the banner of internet freedom. Then let him cringe in embarrassment,” the contributor suggested.
© ChinTell Ltd. All rights reserved.
Sponsored by HSBC.
The Week in China website and the weekly magazine publications are owned and maintained by ChinTell Limited, Hong Kong. Neither HSBC nor any member of the HSBC group of companies ("HSBC") endorses the contents and/or is involved in selecting, creating or editing the contents of the Week in China website or the Week in China magazine. The views expressed in these publications are solely the views of ChinTell Limited and do not necessarily reflect the views or investment ideas of HSBC. No responsibility will therefore be assumed by HSBC for the contents of these publications or for the errors or omissions therein.