Internet downed in North Korea by cyber-attacks, researchers


North Korea’s internet appears to have been hit by a second wave of outages in as many weeks, possibly caused by a distributed denial-of-service (DDoS) attack, researchers said on Wednesday.

The latest incident lasted about six hours on Wednesday morning local time, and came a day after North Korea conducted its fifth missile test this month.

At the height of the apparent attack, all traffic to and from North Korea was taken down, said Junade Ali, a cyber-security researcher in Britain who monitors a range of different North Korean web and email servers.

“When someone would try to connect to an IP address in North Korea, the internet would literally be unable to route their data into the country”, he said.

Hours later, servers that handle email were accessible, but some individual web servers of institutions such as the Air Koryo airline, North Korea’s ministry of foreign affairs, and Naenara, which is the official portal for the North Korean government, continued to experience stress and downtime.

In North Korea, internet access is strictly limited. It is not known how many people there have direct access to the global internet, but estimates generally place the figure at a small fraction of one per cent of the population of about 25 million.

Log files and network records showed that websites on North Korean web domains were largely unreachable because North Korea’s Domain Name System (DNS) stopped communicating the routes that data packets should take, reported NK Pro, a Seoul-based news site that monitors North Korea.

A similar incident was observed on Jan. 14, NK Pro reported.

The simultaneous nature of the server outages suggested a DDoS attack, in which hackers try to flood a network with unusually high volumes of data traffic in order to paralyse it, Ali said.

“It’s common for one server to go offline for some periods of time, but these incidents have seen all web properties go offline concurrently. It isn’t common to see their entire internet dropped offline”.

During the incidents, operational degradation would build up first with network timeouts, then individual servers going offline and then their key routers dropping off the internet, Ali said. “This indicates to me that this is the result of some form of network stress rather than something like a power cut”.
