The North Korean internet has been badly disrupted by the activities of a lone American hacker who has paralysed government-run websites and choked off email traffic in revenge for an earlier cyberattack directed against him by the Communist state.
Disappointed with the lack of US response, the hacker, only identified by his handle P4x, took matters into his own hands after the U.S. government failed to provide help following the North Korean cyber-attack in late January 2021, according to Wired. It's far from clear what real effects the attacks have had on the North Korean government. Only a tiny fraction of North Koreans have access to internet-connected systems.
Speaking to the media outlet, P4x recalled how a fellow hacker sent him an exploitation tool containing a “backdoor designed to provide a remote foothold on his computer.” The following day, he saw a report posted by the Google Threat Analysis Group on Jan. 25, 2021. He used his new tool and discovered that North Korea had targeted his computer. Although he reported the incident to the FBI, the bureau allegedly failed to provide help and open an investigation into the attack. “There’s really nobody on our side,” P4x said about the situation at the time.
However, P4x took matters into his own hands when he did not hear any statements from the federal government for a year.
The American hacker reportedly targeted North Korea’s internet throughout the past two weeks. Some of the websites that suffered intermittent outages include the Air Koryo booking site and Kim Jong-un's government's official portal, Naenara.
“It felt like the right thing to do here. If they don’t see we have teeth, it’s just going to keep coming,” P4x told Wired. “I want them to understand that if you come at us, it means some of your infrastructure is going down for a while.”
P4x reportedly took advantage of the vulnerabilities he discovered in North Korea’s internet and automated several “Denial of Service” (DoS) attacks. A DoS is a type of cyber attack that forces a network to become inaccessible by inundating the target with traffic or exploiting vulnerabilities that trigger a crash.
P4x told Wired that he considers his attacks to be similar to a “small-to-medium pentest (penetration test),” a type of whitehat hacking activity he has done for previous clients who need to identify the vulnerabilities of their networks. “It's pretty interesting how easy it was to actually have some effect in there,” he said.
Sources: Wired, The Times