- A U.S. security researcher has pulled what’s possibly one of the greatest stunts ever done out of pure spite.
As hard as it might be to believe, North Korea has internet access. Of course, it’s extremely restricted in line with the country’s repressive government policies, but it’s still there.
North Korea’s bizarre little pool of websites numbers only at a few dozen, including the country Air Koryo airline and Kim Jong-un’s official Naenara site. And earlier this year, they all crashed.
The dictatorship’s security personnel soon realized that connection outages — spread over a couple of weeks — were due to hacking. But the culprit behind the attack wasn’t North Korea’s southern neighbor, nor the CIA or any other governmental agency.
It was just one irritated man.

Seeking Vengeance
The hacker who crashed North Korea’s internet is an American security researcher. It’s probably not safe to publish his name, but he operates online under the pseudonym P4x, reported Wired.
P4x didn’t pull off his relatively extensive cyber attack for nothing, though. He merely served North Korea’s government its just desserts.
About a year ago, P4x himself had come under a North Korean hacking attack. He was one of the several Western victims the Korean hackers targeted.
According to P4x, the aim of the attack was most likely to steal software tools that could be used in cyber attacks, alongside information about security vulnerabilities. Luckily, P4x says he bested the hackers and they didn’t get anything of worth out of him.
But becoming a personal target to hackers serving a totalitarian regime still left P4x a bit rattled. He reported the attack to the U.S. government, which seems like the right thing to do.
And then… Nothing. According to P4x, the U.S. has not responded to the attacks in any clearly visible manner.
Welcoming Hackers with Open Doors
Needless to say, P4x felt a bit like his government had let him down. He waited a year, hoping for some kind of an official response, but so far nothing has happened.
Eventually, he got tired of waiting. It seemed to P4x that the only way to get retribution would be to do it himself.
“It felt like the right thing to do here. If they don’t see we have teeth, it’s just going to keep coming,” he said.
Using his knowledge of information technology and security systems, P4x started probing North Korean connections. To his delight, he found a practically open playfield for him to wreak havoc in.
The hacker said that North Korean computer systems are riddled with well-known but unpatched security vulnerabilities. He also discovered that many of their servers run on software he could only describe as “ancient.”
He also started cracking open North Korea’s official national operating system, called Red Star OS. Digging into its code he realized that it’s an old and vulnerable Linux version.
Basically, nobody was home and the doors were unlocked. P4x cracked his knuckles and got to work.
An Easy Job
The hacker launched a one-man denial-of-service, or DoS, attack against North Korea. To make his job easier, P4x wrote an automated script that periodically scans North Korean systems to see which of them are online.
If the script finds a working system, it’ll start exploiting security holes to bring it down. P4x doesn’t want to say exactly which vulnerabilities he’s exploiting to not give out information to potential cyber criminals.
“For me, this is like the size of a small-to-medium penetration test,” P4x said, referring to a controlled cyber attack that security experts use to check a client’s network for vulnerabilities.
“It’s pretty interesting how easy it was to actually have some effect in there,” he added.
Indeed, if you know something about computer security, P4x isn’t doing anything particularly complicated. But apparently North Korea’s systems are held together with bubblegum and prayers to the point that even P4x’s methods were enough to crash it.
‘I Just Want to Prove a Point’
P4x’s claims of bringing North Korea’s entire network down isn’t just an empty boast. Third party experts monitoring the dictatorship’s internet connections also noticed something weird was going on.
Pingdom, a service measuring websites’ uptime, noted that certain points during P4x’s attacks nearly all websites hosted in North Korea were down. Junade Ali, a cybersecurity researcher studying North Korea, also noticed that the country’s key routers started going black.
“As their routers fail, it would literally then be impossible for data to be routed into North Korea,” Ali said.
Although P4x wrecked North Korean internet connections, his attack probably had little if any lasting effect. According to Martyn Williams, a researcher at the Stimson Center, hackers working for North Korea almost definitely operate out of different countries.
“I would say, if he’s going after those people, he’s probably directing his attentions to the wrong place. But if he just wants to annoy North Korea, then he is probably being annoying,” said Williams.
But as P4x confirms himself, his purpose is to mostly be annoying. He recognizes that the effect of his efforts is probably comparable to spray painting obscenities on the walls of government buildings.
“I definitely wanted to affect the people as little as possible and the government as much as possible,” P4x said.
“I just want to prove a point, and I want that point to be very squarely proven before I stop.”
