How a US hacker took down North Korea's internet in a revenge cyber-attack

WION Web Team
NEW DELHI Updated: Feb 03, 2022, 12:31 PM (IST)

Screen recordings provided by the hacker, as well as analytics of North Korea’s web activity during the supposed attacks, seem to confirm the claims. Photograph: Twitter

Story highlights

North Korea began experiencing strange internet failures in mid-January, culminating on January 26 with a near-total internet blackout. At the time, the disruptions were commonly assumed to be the consequence of cyberattacks, though it remained unclear who was responsible for them.

The blame for North Korea's persistent internet failures does not lie with the United States Cyber Command or any other state-sponsored hacker organisation.

In fact, it was the work of an American man, who sat in his living room night after night, watching Alien movies and munching on spicy corn snacks—and periodically walking over to his home office to check on the progress of the programmes he was running to disrupt the internet of an entire country.

North Korean spies hacked an independent hacker who goes by the handle P4x just over a year ago.

After North Korean hackers targeted him just over a year ago in an attempt to gain knowledge of undisclosed software flaws, the cybersecurity researcher, whom Wired magazine identified only by the nickname P4x, said he began disrupting servers located in the DPRK in retaliation.

He claimed that he used unpatched vulnerabilities in North Korean servers to launch a series of DDoS operations that took parts or all of the DPRK's IT infrastructure offline.

P4x was one of the victims of a hacking campaign that targeted Western security experts with the ostensible goal of gaining access to their hacking tools and information about software flaws. 

According to Wired, the hacker's purpose was to anger the North Korean dictatorship, but experts say such attacks do little more than put the international community at risk.

If the DPRK believes the DDoS attack was directed by the US, "it offers a wide room for misunderstanding and further retaliation against US targets," according to Columbia University cyber warfare analyst Jenny Jun.

She went on to say that instead of retaliating with DDoS assaults on US targets, the DPRK may launch cyber campaigns aimed at causing similar damage. 

P4x claims that his attacks on North Korean networks are highly automated, with scripts periodically enumerating which systems are still online and then executing exploits to take them down. 

(With inputs from agencies)
