The Hacker Who Single-Handedly Took Down The North Korean Internet

Those who've had the chance to wander the webs of 1990s digi-cyber-compuverse movies, rejoice. You've beheld absolutely stupid depictions of keyboard-clacking, cyberspace-zooming "hacking" in films like "Hackers" (1995), "Johnny Mnemonic" (1995), or even "Independence Day" (1996) where Jeff Goldblum saves the world because aliens don't use the Windows '95 version of Norton Antivirus. In each case, like a copy-paste job from a William Gibson cyberpunk novel, hacking is associated with criminals and crackpots, the underworld and the underappreciated, geniuses, and the marginalized. 

Hacking isn't limited to fiction, though. It's not even limited to simple things like yanking money from a bank account or placing a speaker magnet next to an old-fashioned gas pump to prevent its numbers from spinning up when gas is dispensed (that last tip from actual hacker Gummo in a YouTube interview on Soft White Underbelly). As we've seen through Russian intelligence unit "Fancy Bear" meddling in the 2016 U.S. elections, "chaos is the point" of hacking, as well (via the New York Times). Modern hacking exists for political ends far beyond simple theft of funds.

Just ask U.S. hacker "P4x." Or don't, because you won't find him. The government-employed, U.S. security researcher was targeted by North Korean hackers in January 2021, as he reported to Wired (using his pseudonym). He received an anonymous hacking tool that contained a backdoor that provided others remote access to his computer. He traced it back to North Korea, and this year, started a campaign to teach them a lesson.

Pentests in pajamas

For a period of about two weeks in January 2022, the North Korean internet started fritzing out. As Wired describes, the whole thing seemed to go down for days at a time, and the country lost all connectivity not only within its borders but to the outside world. Dictator Kim Jong-un's personal site for the DPRK's national airline, Air Koryo, remained inaccessible. "At least one of the central routers" for the entire country was "paralyzed." That's when U.S. security researcher P4x stepped forward to claim credit, doing it all while wearing a "t-shirt, pajama pants, and slippers, sitting in his living room night after night, watching 'Alien' movies and eating spicy corn snacks.'"

"For me, this is like the size of a small-to-medium pentest," P4x said. For the uninitiated, "pentest" is short for "penetration test," a check of the vulnerabilities in a computer system. "It felt like the right thing to do here," he continued, "If they don't see we have teeth, it's just going to keep coming." P4x analogizes his revenge attacks to "tearing down government banners or defacing buildings," and has even opened a dark web site to recruit other hacktivists to his cause, called the "FUNK Project," where "FUNK" equals "F U North Korea."

P4x's hacktivism largely consists of "denial-of-service" (DoS) attacks that block data transfers between servers and routers. He called the North Korean web server software "ancient," and stated that the country's own, national operating system looks like a Linux homebrew.

Teaching governments a lesson

Publications like ForbesCNET, and Interesting Engineering all reported on Wired's exclusive story — it's the only media outlet that P4x actually spoke to. Some of these sites cast aspersions on the likelihood of one person being able to pull off the attacks, but in the end, they agree that the story seems completely legit.

According to P4x via Wired, the FBI reached out to him but "never offered any real help." For their part, the FBI stated merely that they are "committed to pursuing the malicious actors and countries behind cyberattacks, and will not tolerate intellectual property theft or intimidation." However, it looks like they haven't taken any concrete actions.

Fellow hackers like Dave Aitel, former NSA hacker and founder of the security firm Immunity, disagrees with P4x's methods but told Wired, "The United States is good at protecting the government, okay at protecting corporations, but does not protect individuals." He also states of the U.S.'s Cybersecurity and Infrastructure Security Agency, "This is one of the biggest balls CISA, in particular, has dropped."

Relatedly, P4x further stated that he wanted to teach the U.S. government a lesson as much as the North Korean government. He said, "I just want to prove a point. I want that point to be very squarely proven before I stop." He also reiterated, "You can make a difference as one person," and, "If no one's going to help me, I'm going to help myself."