North Korea’s Internet is going suspiciously haywire

   < < Go Back
from The Washington Post,

North Korea’s shaky Internet infrastructure has been suffering from widespread outages this week, North Korea watchers said, who added that the network failures were highly unusual, even for the reclusive nation.

The connectivity problems are coming just days after President Obama warned of a “proportional response” to North Korea, which the U.S. government says is responsible for the major cyber attack on Sony Pictures Entertainment’s network. It’s not yet known whether the United States is responsible for the downtime. But according to Dyn Research, North Korea’s Internet is currently showing intense instability.

North Korea Tech has more:

“I haven’t seen such a steady beat of routing instability and outages in KP before,” said Doug Madory, director of Internet analysis at Dyn Research. “Usually there are isolated blips, not continuous connectivity problems. I wouldn’t be surprised if they are absorbing some sort of attack presently.”

Is this an attack? The chances aren’t zero, considering that the few North Koreans who can actually get online tend to be government and military officials. Even if the outages are the result of somebody’s deliberate act, however, proving that the United States did it would be difficult.

In a press briefing Monday, a State Department official wouldn’t comment on “operational details about the possible response options” but did say, somewhat cryptically, that “some will be seen, some may not be seen.”

There are other questions, too. When one country wants to bomb another but has to fly through a third country to get there, it typically needs the third country’s permission. How does that work in cyberspace? Early reports suggest the United States did indeed ask China for help in attacking North Korea’s digital infrastructure. (Pretty much all the telecom routes to North Korea run through China.) But those reports last week said China had not responded to the U.S. request. Did that change in the last few days?

In a twist, hackers claiming to be associated with the group Anonymous sought credit for the outages in a tweet published Monday with the hashtag #OpRIPNK.

On Friday, a separate Twitter account, also thought to be affiliated with Anonymous, announced that a counterattack against North Korean hackers had begun.

“Operation RIP North Korea, engaged. #OpRIPNK,” tweeted the account known as @theanonmessage.

While it’s unclear whether Anonymous had a role to play in North Korea’s downtime, at least six of Arbor’s observed denial-of-service attacks originated from the United States, the security firm said.

Arbor’s analysis showed that the denial-of-service attacks targeted a handful of North Korean Web sites. They include Pyongyang’s official Web portal, Naenara, as well as an educational site belonging to Kim Il Sung University. The attackers also took aim at two servers that route Internet traffic to North Korean sites. The highly public nature of the hack suggests the work of outside hackers, according to the firm.

“It would be easier to say who is NOT doing this,” wrote Dan Holden, Arbor’s director of security research, in a blog post Monday. “This is not the modus operandi of any government work.”

More From The Washington Post: