Slow-motion information hack

By Casey Lartigue, Jr.

It was international news that almost 1,000 North Korean refugees in South Korea had their personal information stolen recently by an unknown hacker.

As was reported by numerous media outlets, North Korean refugees may be at risk of blackmail or threats to their relatives back home if North Korean agents or their associates were involved.

Large-scale cyberattacks naturally grab headlines, but there are also daily slow-motion challenges to protecting the privacy of refugees from a regime that continues targeting them even after they have escaped. I'd like to give a behind-the-scenes look at some of the challenges that come with protecting refugee information.

When the nonprofit that I co-founded with Eunkoo Lee first started connecting North Korean refugees with tutors back in 2013, we didn't have a website (or a phone, office or budget), so hackers would have been better off trying to steal information from an IBM typewriter from the 1980s.

After we got online with a website, we began detecting hacking attempts, malicious code and malware, and I began reformatting my computers routinely.

After we became an official organization in 2016, we received warnings from government officials and agencies that we could be targeted by North Korean hackers. We can't be sure if they have been North Korean agents or run-of-the-mill hackers/spammers, but we beefed up our internal defenses.

We have created a lovely organization so it can be easy for newcomers to not recognize the behind-the-scenes threats and security concerns, such as:

A few North Korean "re-defectors" featured in North Korea propaganda videos have highlighted refugees studying in our organization, leading some refugees who were public to delete their online presence, to drop off the refugee TV shows or to stop talking about North Korea. Some with low public profiles have dropped out socially after receiving blackmail threats from North Korean agents.

We have received some warnings about some North Korean refugees, including one not in our organization who allegedly was looking through the cellphone of a U.S. soldier who had gone to the bathroom. (We remind volunteers not to be too open with their information.)

Some threats come because of unlikely sources: well-meaning volunteers and thankful refugees. Some of our lovely volunteers are eager to post selfies on Facebook with refugee students, and some even named the refugees online before we ruthlessly cracked down. Some refugees have been reported in North Korea as dead or missing, so it isn't good for them to pop up on Facebook, healthy and studying English in Seoul.

Swept away in the moment of thankfulness to volunteer tutors, some refugees agreed to be in photos or featured in blog posts with tutors without informing us. Then they would have a change of heart and ask us to tell the volunteers to delete the photos or blog posts (leading to another crackdown).

Free for the first time to engage with people around the world, many refugees do so. Sometimes it can be hilarious, such as when they ask us about those messages from the alleged children of African rulers jailed and in need of someone to receive $2 million at their bank accounts. But many refugees have also fallen for scams after giving away their personal information online.

Most of the 800 volunteers who have come to us are English teachers focused on English teaching, but there are also some applicants who travel to North Korea and have connections there.

The first one to alert us to this was a self-proclaimed "North Korea watcher" who apologetically admitted that he had joined us undercover seeking to find dirt. He had believed accusations from North Korea watchers and sympathizers about us and other organizations allegedly brainwashing refugees.

Another North Korea watcher warned us that other North Korea watchers or sympathizers might try to disrupt our organization or try to collect information about refugees to share with contacts in North Korea. We reject applicants who refuse to be included in group photos or seek to remain anonymous (a few even refused to give their real names) and remind refugees to be careful.

Even our staff has had concerns. We have heard that my co-director and I have been shown in some of the propaganda videos produced by the North Korean government.

One North Korean refugee said he had started tracking me when he worked at a North Korean embassy abroad (he kept wondering what this "volunteering" for refugees thing was about). Plus, there are the usual threats from pro-North Korea activists, trolls and conspiracy theorists to destroy me and my organization.

Those things aren't to the level of headlines about almost 1,000 North Korean refugees having their information hacked, but they are part of the daily slow-motion challenge of protecting the privacy of North Korean refugees who continue to be targeted even after they have escaped from North Korea.

Casey Lartigue, Jr., co-founder of the Teach North Korean Refugees Global Education Center (TNKR) along with Eunkoo Lee, is the 2017 winner of the "Social Contribution" Prize from the Hansarang Rural Cultural Foundation and the 2017 winner of the Global Award from Challenge Korea.