In January, something strange happened in North Korea. The entire nation’s internet kept blacking out. The notoriously restrictive country runs a few dozen websites, from the booking site for its national airline to a page that serves as the official portal for Kim Jong-un’s government. The timing of the outages was peculiar. They coincided with a bunch of North Korean missile tests, prompting suspicions that the US Defense Department might have been behind it. After all, a single independent hacker couldn’t have pulled off such an audacious attack.
Could they? Well, Wired magazine interviewed an American hacker who does claim to be behind the blackouts. According to the news outlet, they’ve seen screen recordings to back up his claims. He’s known only as “P4x” due to concerns for his safety. He says he carried out his attacks for revenge. In January 2021, North Korean hackers attacked him and other security researchers who used Windows PCs and Google Chrome. Google says the North Korean hackers set up Twitter accounts pretending to be cybersecurity bloggers and sent their victims links to a blog carrying malware with a backdoor, to try to access the victims’ devices remotely without their knowledge.
Google never said how successful the hackers were. P4x was shocked that North Korea tried to target him, though in his case they didn’t succeed. Nonetheless, he was left “deeply unnerved” by the attack and by what he felt was a lack of response from the U.S. government. So, he slowly cooked up a plan to get even, waiting a year to launch an attack of his own. He says he took North Korea offline while in his pajamas watching the film Aliens and munching on spicy corn snacks!
North Korea News, an information source that provides news about the country, reported a Distributed Denial of Service (DDoS) attack on January 14 followed by another on January 26. P4x says he targeted “vulnerabilities” in North Korean systems. He didn’t describe what those are because he doesn’t want Pyongyang to defend against them in the future. He did give an example of a bug that mishandles certain HTTP headers that allowed him to flood the servers, overwhelming them and knocking them offline. Almost every North Korean website went down.
So did email and all internet-based services, though it didn’t affect access to sites hosted outside that country. But what did the hack achieve? After all, virtually no citizens in the hermit kingdom can access the internet. Only a few thousand have special permission to go online in a country of nearly 26 million. So as hard as it is for foreigners to understand what’s happening inside North Korea, it’s even harder for North Koreans to understand anything about the outside world. P4x admits his own hacking was symbolic, akin to tearing down government banners or defacing buildings.
He told Wired he did it to send a message to North Korea that he wouldn’t tolerate their hacking: “If they don’t see we have teeth, it’s just going to keep coming.” North Korea’s cyber warfare has caught the West off guard. Ironically, a country that’s closed itself off from the rest of the world has produced some of the world’s most efficient hackers. 7,000 North Koreans are estimated to be employed in their country’s cyber program. They often operate abroad, in countries like China where there’s better access to information than in their isolated homeland.
These three men wanted by the FBI are suspected of belonging to a unit of North Korean hackers dubbed the Lazarus Group – a reference to the biblical figure raised from the dead by Jesus. The Lazarus Group is believed to be behind some of the costliest cyberattacks in history, like the infamous Sony leak, where hackers released five Sony Pictures films and a host of confidential data in 2014. They threatened more action if Sony dared to release the film “The Interview”, a comedy featuring Seth Rogen and James Franco about two Americans who assassinate Kim Jong Un.
In 2016, the Lazarus Group nearly stole $1 billion from Bangladesh’s national bank. The ONLY reason they didn’t succeed was a fluke. When they tried to transfer the money to a bank located on “Jupiter Street”, the word “Jupiter” triggered alarms because it’s the name of a sanctioned Iranian shipping vessel. Lazarus Group has crippled the computer systems of Boeing, the UK’s National Health Service, and Germany’s federal railway – demanding payment in Bitcoin to unfreeze their systems.
North Korean hackers seem to love crypto. They stole nearly $400 million in cryptocurrencies in 2021, according to the data platform Chainalysis. The United Nations believes much of that money is used to fund North Korea’s weapons program, including developing nuclear missiles. So how does a country where most people can’t even access a computer produce elite cyber-criminals? The North Korean hackers are cultivated in the same way Olympians in China are trained and go on to dominate the Games.
They’re recruited when they’re young. Promising students who excel at math are placed in specialized schools and trained in advanced coding, with further training at specialized universities. And they show off their coding prowess at international coding competitions. The New Yorker put it this way: The coding and the analytical skills on display at such events were like the Force in the “Star Wars” movies: it could be used for the light side, or for the dark. As for P4x, temporarily shutting down North Korea’s internet was simply the appetizer before the main course.
He says he intends to go further by trying to hack into North Korea’s systems to steal information and share it with experts. According to Wired, he’s hoping to recruit more people to his cause and apparently launched a site on the dark web called “FUNK Project”. Can you take a stab at what that might stand for? “FU North Korea”.