Written by: Vandita
December 18: The US government promises a ‘proportional response’ to North Korea’s ‘suspected’ hacking of the Sony Pictures.
December 22: North Korea gets entirely knocked off the internet by a distributed denial of service (DDoS) attack. The Internet access began to return after an outage that lasted over 9 hours.
Did you find any connection between the two incidents? Though it seems like there is a connection, here are some facts that will make you ponder…
In the past few months, DDoS has harmed Xbox Live and PlayStation Networks to a great extent but it is difficult to fathom that an entire country could be taken offline by a DDoS. Perhaps, shedding some light on North Korea’s terrible Internet connectivity may help us get rid of doubts like these.
Freedom of information is alien to North Koreans. Newspapers and TV stations are all state-owned, so there is tight control over information flow. Internet access is only permitted with special authorization and primarily used for government purposes. Most citizens manage with a state-controlled Intranet. The country has some broadband infrastructure that produces nationwide speeds of up to 2.5Gbps.
Because North Korea doesn’t really use the Internet, it only has a very small connection to the rest of the Internet. According to Arbor Networks, the DDoS peaked at just 6Gbps, which is fairly small in the grand scale of things. This may look unrealistically small for an entire country, but a fact cannot be ignored that North Korea also has one of the smallest IP address allocations in the world – as of December 2014, there are 1,024 IP addresses in North Korea.
Hence, it’s not very hard to DDoS North Korea. The country only has a single cable (a single, low-bandwidth link is trivial for DDoSing) connecting it to the rest of the Internet; if it had multiple redundant links, it would be harder to DDoS the nation. DDoSing North Korea probably didn’t achieve anything — remember 25 million North Koreans don’t have Internet access? It perhaps caused nuisance to, maybe, a few hundred people.
That brings us back to the question – who was behind the attack?
Lizard Squad, a group of hackers that claims to have been DDoSing PlayStation Network and Xbox Live services, seemed to take responsibility for the attack on North Korea with this tweet: “Xbox Live & other targets have way more capacity. North Korea is a piece of cake.” Their Twitter account has since been suspended. Anonymous, with a history of using DDoS, apparently were upset over the Sony Pictures/North Korea/The Interview fiasco; but never claimed to attack North Korea.
While Obama vowed to retaliate for North Korea’s role in the Sony Hack, this temporary DDoS attack doesn’t look US government’s doing as a long-term DDoS lasting weeks or months would cause greater problems to the country than only irritating a few individuals. And if anyone has the tools to carry out an attack of this magnitude, it’s the USA’s cyber warfare division.