Why a US Hacker Shut Down All North Korean Internet

A security expert took revenge on North Korea by taking down the whole country's internet.

According to Wired, a hacker from the United States who goes by the nickname P4x has claimed credit for shutting down the internet in North Korea. The country has no more than a few dozen websites, most of which are devoted to disseminating state propaganda. Every tiny bit of information is strictly controlled by government officials.

P4x’s motivations

Over the years, hackers, who are typically associated with doing awful things on the internet, have taken on the roles of activists. While operating under secret identities, they reveal classified documents to the general public and even try to prevent an army buildup near borders amid rising tensions. P4x’s motivations are not based on moral principles but are rather very straightforward: it’s personal.

P4x received a suspicious file when North Korean hackers targeted U.S. security experts, prompting P4x to investigate less than 24 hours later. The file that was delivered to him contained a backdoor that allowed the sender to take control of his machine without his knowledge. Fortunately, P4x could access the file on a virtual machine, which shielded his computer system from the attack.

The counterattack

The Federal Bureau of Investigation (FBI) contacted P4x, requesting information on the assault and the degree of its damage, but did not offer any protection against such attacks in the future. P4x declined to comment more. After a year had passed, and P4x had received no word of any action being taken against the North Korean hackers, nor had he received any formal acknowledgment of the assault from the United States government, he decided to take matters into his own hands.

In screen recordings made available to Wired, P4x explained how he discovered a slew of software flaws in North Korean computers. By exploiting those vulnerabilities, P4x was able to overwhelm the websites and bring them down, carrying out a denial-of-service (DoS) attack all on his own. The majority of P4x’s attacks were automated, and they helped him identify further weaknesses in the system, which he could exploit in the future.

According to Wired, the timing of P4x’s attacks and the downtime of the websites were confirmed through the use of an uptime measuring service called Pingdom. Wired also reported that primary servers went down shortly after the attacks, which brought down email and other internet-based services in addition to the websites. P4x does not wish to disclose these vulnerabilities since doing so publicly would make it simpler for North Korea to exploit them further.

More to come?

According to research published by Wired, only a small portion of North Korea’s population has access to the internet, with the majority of people able to access only the country’s intranet. As a result, P4x’s attacks have not caused widespread concern in North Korea, except for a few officials in the government. Taking this a step further, Wired reports, he intends to build an underground network of hackers who will refine their attacks on North Korea and steal more information from North Korean websites.

He is also taking a shot at the United States government, which has done nothing to safeguard individual users such as himself in recent years. Some analysts told Wired that his attacks might be interfering with intelligence operations that the United States government and its partners are conducting.

P4x doesn’t seem to be bothered by the consequences of his actions. After all, he’s got nothing to lose.

This is an excellent example of how non-state actors have used the internet to their advantage. Such acts will only increase in the times to come, with more and more skilled individuals joining the bandwagon against what they call “oppressive regimes.” It’s not only the North Koreans who are vulnerable to this kind of attack. We’ve seen Syrian hackers defacing Israeli websites, U.S. officials knocking out WikiLeaks, and even the Iranians taking down a Saudi website.