Featured Image Credit: Alamy
Topics: Korea, North Korea
Poppy Bilderbeck
A hacker claims to have brought down the whole of North Korea's internet as payback for being spied on by the country.
The American man, known as P4x, was one of several Western security researchers who were allegedly hacked by North Korean spies in a campaign just over a year ago.
So, while sitting at home in his pyjamas, watching Alien and eating some spicy corn snacks, P4x took to his computer in retaliation, aiming to disrupt the country's internet.
P4x claims he was hacked by North Korean spies in January 2021. While those trying to hack him reportedly came up empty handed, P4x decided to hit back, particularly after he saw a lack of response from the US government.
A spokesperson for the FBI told Wired: 'As the lead agency responsible for threat response we rely on the public and private sector to report suspicious activity and intrusions, and work together to ensure we understand what’s happening, prevent it from happening to others, and hold those responsible accountable. The FBI is committed to pursuing the malicious actors and countries behind cyberattacks, and will not tolerate intellectual property theft or intimidation.'
Advert
However, for P4x, hacking North Korea's internet 'felt like the right thing to do'. 'If they don’t see we have teeth, it’s just going to keep coming. I want them to understand that if you come at us, it means some of your infrastructure is going down for a while,' he said.
Examining the national operating system of North Korea, named Red Star OS, P4x was able to launch 'denial-of-service' attacks spanning the last two weeks, after he discovered a series of 'unpatched vulnerabilities' in the country's systems.
North Korea's internet-connected networks rely on the servers and routers P4x attacked, leading to nearly all of the country's websites to go down at some point – North Korea only has a few dozen websites, its residents instead mostly use the country's internal intranet.
'For me, this is like the size of a small-to-medium pentest [penetration test]. It's pretty interesting how easy it was to actually have some effect in there.' the hacker said.
Junade Ali, a cybersecurity researcher who monitors the internet in North Korea, explained, 'As their routers fail, it would literally then be impossible for data to be routed into North Korea.' The result of which would 'effectively [be] a total internet outage affecting the country'.
However, Martyn Williams – a researcher for 38 North Project, a North Korea-focused initiative started by the Stimson Center – thinks the hacker is 'directing his attentions to the wrong place' if he is going after the people who hacked him.
Williams suggests the hackers are actually based in other countries such as China. 'But if he just wants to annoy North Korea, then he is probably being annoying,' Williams said.
P4x considers his attacks to be similar to 'tearing down government banners or defacing buildings'. The next stage of his plan is to encourage other hackers to join him, under his 'FUNK project', which stands for 'FU North Korea', that he launched this week.
The website reads: 'This is a project to keep North Korea honest. You can make a difference as one person. The goal is to perform proportional attacks and information-gathering in order to keep NK from hacking the western world completely unchecked.'
P4x hopes to then share any information he retrieves from his hack with experts. While he acknowledges he's likely breaking hacking laws himself, P4x said he 'definitely wanted to affect the people as little as possible and the government as much as possible', saying his 'conscience is clear'.
The hacker clarified that his goal is to specifically target Kim Jong-un's regime, which he says is exhibiting 'insane human rights abuses and complete control over their population'.
The end goal? 'Regime change. No, I'm just kidding. I just want to prove a point. I want that to be very squarely proven before I stop,' he said.
If you have a story you want to tell, send it to UNILAD via [email protected]