Who makes it wait: if you, a North Korea hacker, carry out a hacker attack on me, I will take down the internet all over the country . And so it was. For real. The story seems strange, but it is not so strange, considering that there are always attempts by some governments to obtain valuable data and information on Western methodologies on hacking. Or, as in other cases, to steal money in the form of cryptocurrency.
So it turns out that the entire North Korean network recently appeared offline . It must be said that it is not too much effort, since in the end it is a handful of public service sites , such as the official page of the supreme leader Kim Jong-un or the portal of the airline that operates in the Village. More than purely technical issues, here, it is the political ones that must be taken into consideration. And, perhaps even before these, it is the setback that has created the most annoyance to the North Korean regime .
Yes, because the response hacker attack was not carried out by computer experts employed by the White House: the author is a single American citizen , who after suffering the hacker attack by Pyongyang (which was looking for details on software vulnerabilities and hacking tools used by security researchers in the West) decided to take revenge on their own . And “revenge is a dish that must be served cold”, which is why the lone hacker decided to wait a year before launching the attack.
And P4x – this is its code name – has succeeded in its intent: with a series of automated attacks it has disabled the servers on which the few active sites in the country depend , exploiting vulnerabilities that probably not even the computer experts in Kim’s court Jong-un were aware of. Not too many details have been revealed, as the hacker fears that North Korea could fix the flaws with patches. P4x only talked about a bug in the NginX web server software and how vulnerable Red Star OS is, the state operating system based on an old version of Linux.
The result was perfect: the entire North Korean network went offline , except for those sites that rely on servers outside the national borders. But there is a “small” problem: who has really suffered damage from this huge blackout? Certainly not the local population, which does not have access to the internet but only to a sort of large intranet controlled by the state. The sites affected, experts say, are those that the regime maintains online for propaganda abroad.
But P4x’s intention is not to hit the population, but to annoy the Pyongyang government and to track down who organized the hacker attack that hit it the previous year. ” Probably the perpetrators are abroad, perhaps in China,” say some experts. ” It is useless to look for them in North Korea “. ” I wanted to influence people as little as possible and the government as much as possible,” admitted the American hacker.
Can revenge be declared over? Not at all: this was just a taste to test how to really steal sensitive information to then share with experts and, perhaps, with the US government. On the dark web, he also created a FUNK Project (FU North Korea) to recruit other hacktivists and to stop North Korea from cyberattacks on the West.
A sort of do-it-yourself justice: given that the US government seems (apparently) disinterested in this affair, P4x will take care of “resolving the issue”. Provided that the final damage is not greater than the initial one. So much so that other hackers hit last year along with P4x have dissociated themselves, preferring not to hinder the work that the United States, under the radar, is conducting to spy on North Korea.