North Korea’s Internet connection is back up and running after a 10-hour outage on Monday, leaving security experts doubting that the United States or any other nation was behind the incident.
{mosads}“If it turns out it was an attack, I’d be far more surprised if it was a government launching the attack than I would if it was a kid in a Guy Fawkes mask,” said Matthew Prince, CEO of Internet connectivity firm CloudFlare, by email.
The U.S. was suspected of involvement in the outages, since the incident came just days after President Obama vowed to “respond proportionally” for a cyber assault on Sony Pictures that the FBI pinned on North Korea.
But the United States isn’t the only actor that has threatened North Korea.
The group of politically motivated hackers known as Anonymous has also promised to “retaliate against North Korea for the Sony incident,” added Ted Ross, director of security research at tech company HP, in a statement.
In late November, hackers going by “Guardians of Peace” infiltrated Sony’s networks, stealing troves of sensitive data and emails. The hackers later leaked the data and then threatened Sept. 11-style attacks on any theater screening “The Interview,” a comedy about a plot to assassinate North Korean leader Kim Jong Un.
Sony eventually canceled the film’s Christmas Day release.
The FBI later said it had evidence tying the attack back to the North Korean government, an accusation Pyongyang dismisses despite praising the hackers’ actions.
As tensions were rising between the two countries, North Korea’s Internet went dark on Monday.
Experts have proffered several theories.
Pyongyang could have proactively taken itself offline in anticipation of foreign cyberattacks, as it has done before. North Korea’s single Internet provider in China could have also just turned off the country’s access. It’s also possible the country’s lack of updated equipment might have caused a hardware failure.
Or it’s a cyberattack.
The capacity of the Internet coming in and out of North Korea is so minimal that a talented, motivated teenager could bring the system down, experts said.
Most basic denial of service (DDOS) attacks — which try to crash a computer network by flooding it with traffic — are “at least an order of magnitude larger than the total capacity of North Korea’s link to the public Internet,” Prince said.
“I do think that it’s highly unlikely that, if this was caused by an attack, that it was necessarily sponsored by a nation state,” he added.
Jason Healey, a former director of cyber infrastructure protection at the White House, agreed by email.
“It is entirely possible this is good ol’ American patriotic hackers, mimicking the Jester, looking to strike back against North Korea,” said Healey, currently director of the Atlantic Council’s Cyber Statecraft Initiative.
“If so, then the Department of Justice must do like they did at the time of Iraq invasion in 2003 and warn them that it does not condone so-called ‘patriot hacking’ on its behalf,” he added.