While North Korea’s hacking attacks on America aren’t occurring on the same scale as the massive Chinese and Russian wave of thefts and espionage (the largest Nork attack was launched against Sony over The Interview), the Communist regime finances itself in part through attacks, including ransomware, in which cryptocurrency ransoms are extracted from American companies.
The Biden administration has done nothing about Chinese or Russian cyberwarfare; it goes without saying that it will do nothing about North Korea. But this is the incredible story of one man going after a Communist dictatorship’s internet capabilities from his living room.
For the past two weeks, observers of North Korea’s strange and tightly restricted corner of the internet began to notice that the country seemed to be dealing with some serious connectivity problems. On several different days, practically all of its websites—the notoriously isolated nation only has a few dozen—intermittently dropped offline en masse, from the booking site for its Air Koryo airline to Naenara, a page that serves as the official portal for dictator Kim Jong-un’s government. At least one of the central routers that allow access to the country’s networks appeared at one point to be paralyzed, crippling the Hermit Kingdom’s digital connections to the outside world.
Some North Korea watchers pointed out that the country had just carried out a series of missile tests, implying that a foreign government’s hackers might have launched a cyberattack against the rogue state to tell it to stop saber-rattling.
Our government certainly won’t do it. But one man did.
In fact, it was the work of one American man in a T-shirt, pajama pants, and slippers, sitting in his living room night after night, watching Alien movies and eating spicy corn snacks—and periodically walking over to his home office to check on the progress of the programs he was running to disrupt the internet of an entire country.
The anonymous hacker decided to fight back after the Norks came after him and our government did nothing.
Just over a year ago, an independent hacker who goes by the handle P4x was himself hacked by North Korean spies. P4x was just one victim of a hacking campaign that targeted Western security researchers with the apparent aim of stealing their hacking tools and details about software vulnerabilities. He says he managed to prevent those hackers from swiping anything of value from him. But he nonetheless felt deeply unnerved by state-sponsored hackers targeting him personally—and by the lack of any visible response from the US government.
So after a year of letting his resentment simmer, P4x has taken matters into his own hands. “It felt like the right thing to do here. If they don’t see we have teeth, it’s just going to keep coming,” says the hacker.
“I want them to understand that if you come at us, it means some of your infrastructure is going down for a while.”
Imagine if our government had the guts to say and actually do that.
The hacker is basically finding vulnerabilities in North Korea’s outdated internet infrastructure and exploiting them to launch denial-of-service attacks. This isn’t anything all that sophisticated and it won’t do any actual damage. This isn’t like Stuxnet or sophisticated attacks aimed at inflicting real harm; DoS attacks just knock their targets offline.
“As their routers fail, it would literally then be impossible for data to be routed into North Korea,” Ali says, describing the result as “effectively a total internet outage affecting the country.”
Considering that the Norks route data for largely malicious purposes, like cyberwarfare, that’s a damn good thing.
The bigger-picture takeaway here is that the Norks invested in offensive cyberwarfare capabilities, but not in defensive ones, because they don’t expect to be attacked.
The same is likely to be true of China, Russia, Iran and other enemies who have attacked us. They know we aren’t going to fight back.
This parallels a Cold War situation in which we invested heavily in defense and they invested in offense. If we actually forced China, Russia, etc. to invest in defense, they would be less likely to attack us and have fewer resources to invest in offensive operations.
The fact that we don’t do this shows exactly why we keep being attacked. If one man can do this, what’s stopping the Biden administration from doing it?
Besides cowardice and appeasement, of course.