Over the last few weeks of January the Internet in North Korea was observed to be down.
The blackout of Kim Jong-un’s internet connectivity, although intermittent, was hugely disruptive with reports suggesting an “attack against North Korean servers took the entire country off the internet.”
The timing of these attacks coincided with the latest bunch of missile tests, the internet blackout just mentioned coming the day after the fifth such test took place.
It should come as no surprise, then, that suspicion for the takedown fell upon nation states in the west. In particular, the U.S. Cyber Command was thought to be a primary suspect.
An American hacker, identified only as P4x, claims to be the person behind the blackouts.
According to the Wired article, P4x wanted to send a message to the North Korean government. “I want them to understand that if you come at us, it means some of your infrastructure is going down for a while,” he told Wired.
P4x reveals that the original hacking campaign that targeted security researchers had been unsuccessful in his case. However, it did leave him feeling “deeply unnerved” not only by being on the receiving end of North Korean state-sponsored hacking attention but also at the “lack of any visible response from the U.S. government.”
Having taken his time, and in essence performed a penetration test against North Korean internet infrastructure systems, he had all he needed to launch the denial-of-service attacks.
These targeted vulnerabilities found in servers and routers that had failed to be patched, and which were largely responsible for connecting the outside world to North Korean sites as well as services such as email.