Recorded Future analyzed North Korean senior leadership internet activity from March to August 2018 using third-party data, geolocation, BGP routing, and OSINT to understand how the ruling elite use global connectivity. The excerpt identifies three main access paths for elite users: the 175.45.176.0/22 .kp range routed through China Unicom and partly TransTelekom, China Netcom's 210.52.109.0/24 KPTC range, and a Russian satellite-linked 77.94.35.0/24 range resolving to SatGate in Lebanon. Behavioral shifts showed more weekday internet use, reduced weekend entertainment activity, and moderated but still present operational security use involving VPNs, VPS, TLS, and Tor. The report also ties elite internet use to sanctions-circumvention and revenue activity, including suspected North Korea-linked cryptocurrency scams such as Marine Chain and possibly Interstellar/Stellar/HOLD/HUZU.