
Attack Is Suspected as North Korean Internet Collapses - jcfrei
http://www.nytimes.com/2014/12/23/world/asia/attack-is-suspected-as-north-korean-internet-collapses.html
======
eyeareque
The public /22 (1024 IPs) that is used by North Korea is widely known now, so
it is bad form to assume the US is behind this attack. Heck, a 14 year old
with a few bots could take down their whole country.

This outage won't hurt North Korea. At best it makes for a good head line to
see the whole country offline. At worst this means that their elite citizens
cannot access social networks or email outside of their country.

I really hope this isn't the doing's of the US government. You'd hope they
could do better than this..

~~~
digikata
Or this could be some kind of reverse false flag operation (a soccer flop?) to
give NK a platform to escalate some other negotiation point...

~~~
duaneb
Or it could be an actual false flag operation by the US to instigate
something.... Something is very weird about their attitude towards north korea
regarding this break in.

~~~
cbd1984
You know, it can't be a _false_ flag until there's actually a flag. Has anyone
claimed responsibility for doing this yet?

~~~
ptosis
a film with a second-rate comedic actor about North Korea, which in the United
States on its own being released normally, would draw precisely no one

the only proof it has on North Korea’s involvement in the hacking, is “that
the FBI said so,” apart from claims by the “Sony Pictures’ PR department.”

Sony was domiciled in Japan, specifically in Minato, Tokyo, Japan. And so it’s
a Japanese multi-national corporation not an American one. And one would think
that some sort of an offence by a state actor or anyone else against the
Japanese corporation would be a concern for the Japanese government, and not
the United States government,”

The North Korean government insisted on Saturday that it was not behind the
hacking and proposed a joint investigation with the US to prove it had no
involvement in the cyber attacks

outraged by the film showing the assassination of leader Kim Jong Un - also
claimed to have 'clear evidence' that the U.S. government engineered the
project as a 'propaganda' attack against North Korea.

the North Korean government is also convinced that directors Seth Rogen and
Evan Goldberg were under direct instruction from U.S. officials, who told them
to include extra scenes to 'insult the dignity' of North Korea

a group calling themselves the Guardians of Peace has claimed credit.

Guardians of Peace responded to the FBI with a message on Saturday, mocking
their investigation and trolling them with a video that essentially called
them idiots.

------
Alupis
This is occurring after the hacker group who claimed the attack (Guardians of
Peace), sent the FBI a letter thanking them for blaming North Korea, calling
the FBI the best (sic), and linked to a youtube video that called the FBI "an
idiot".[1]

[1] [http://www.cnn.com/2014/12/22/world/asia/north-korea-us-
sony...](http://www.cnn.com/2014/12/22/world/asia/north-korea-us-sony-hack-
who-says-what/index.html?hpt=hp_c2)

~~~
spacefight
That video is ages old.
[https://www.youtube.com/watch?v=hiRacdl02w4](https://www.youtube.com/watch?v=hiRacdl02w4)

~~~
pera
uhm I think that's a very old (2004?) flash from 2ch

~~~
hotgoldminer
Resisting temptation to rickroll HNers...

------
SEJeff
Do people seriously think the USG is behind a ddos when Anonymous has already
stated they are going to go after the DRPK?

[http://www.inquisitr.com/1691688/anonymous-announces-
vengean...](http://www.inquisitr.com/1691688/anonymous-announces-vengeance-on-
north-korea-for-sony-hack-with-opripnk/)

~~~
tedunangst
Maybe the USG is Anonymous!

~~~
autokad
he's down voted but not too far off base. The US has already used hacker
organizations to inadvertently act in the interests of the US government.
Considering that the US almost certainly has moles in Anonymous, it wouldn't
be hard to influence them to target Korea

~~~
patronagezero
You're over-complicating the issue, I think. Why not just do it themselves,
then claim it was 'Anonymous'? No convincing required and no one to argue
with.

The whole thing smells like just another move to convince the non-believers
into thinking NK was responsible for the Sony hack.

~~~
AlyssaRowan
Both the US FBI (via, for example, their mole sabu) and the UK (via GCHQ's
JTRIG) have previously conducted offensive operations under the cover of
Anons. (Of course that doesn't make a lot of sense as an attribution, as
Anonymous isn't really a _group_ of any conventional kind.)

This looks like a small DoS against one router, as any random could do (and
perhaps has done), but of course, .kp doesn't have much connection to the
public internet, so that's about all it takes. And it isn't exactly a big
impact on them as a country - yet it's still knocking a country off the
internet.

I believe the attribution to DPRK is very probably false. I think the Sony
hack was quite probably conducted by non-state actors, but there is far too
little information to be sure. The US have unfortunately impeded honest
forensic investigations.

And I believe that attacks on the internet, any part of it, are destructive
and not constructive. The US would be _extremely displeased_ if the same -
cutting it off the internet - happened to it, so I dearly hope they are not
stupid and short-sighted enough to be responsible! Whomever is behind this
deserves condemnation.

Perhaps we need a treaty. Yet when a few determined individuals can do
offensively essentially what a nation can, I'm not sure how that's possible.
But focusing on offense will only make everything worse - the US probably has
more to lose from so-called "cyber war" than any other nation on earth. It
should be leading the charge against it. It isn't. And that's a huge mistake.

~~~
ptosis
when NK wants some hacking done, they send them to North Korean-owned Chinese
hotels to do it

USG asked Beijing to shut down servers and routers used by North Korea that
run through Chinese networks.

------
vlunkr
Is it weird to anyone else that all this "cyber warfare" is happening over the
release of a movie. A comedy movie, not a documentary or propaganda film. I
don't know if media has every had such an inadvertent impact on politics
before. I would say it's a strange age we live in, but I think this
strangeness is all from North Korea.

~~~
jusben1369
Well to be clear to the North Koreans this is 100% a propaganda movie.

~~~
Crito
There seems that people living under regimes with limited freedom often fail
to comprehend that people living in other countries might produce something
without the explicit approval of their government.

To the North Koreans, it is beyond comprehension that people _living in_ the
US made something, rather than the US government making it. To them, if
Americans made it, that means _America_ made it.

This misunderstanding isn't limited to works coming out of the US of course.
Another example of this failure to comprehend freedom of expression is the
aftermath of the Muhammad cartoons published by some Danish newspapers.
Enraged extremists around the world began rioting in front of Danish
Embassies, as though the cartoons were drawn, commissioned, or even approved
by the Danish government.

See also: The souring of Chinese-Norwegian relations after the Norwegian Nobel
Committee _(which is a private organization which awards a private prize,
despite having some members selected by Norwegian parliament)_ awarded the
2010 Nobel Peace Prize to Liu Xiaobo.

~~~
_delirium
> the Norwegian Nobel Committee (which is a private organization which awards
> a private prize, despite having some members selected by Norwegian
> parliament)

The Peace Prize is a bit closer to the Norwegian government than that. Alfred
Nobel left that part of his will directly to the Norwegian Parliament, not to
a private organization, and he tasked the Parliament with using the money to
establish a peace prize. The Parliament established a committee, the Nobel
Committee, to administer the award, and traditionally its members were a
subset of standing members of Parliament, with the partisan makeup of the
Nobel Committee reflecting each party's representation in Parliament.

In recent years they have instituted a rule that current parliamentarians
can't sit on the committee, and instead retired parliamentarians are chosen,
to given it slightly more distance. But they're still 100% selected by
Parliament, and allocated to each party in proportion to party representation
in the Parliament.

~~~
sondr3
But the Norwegian government has absolutely nothing to do with who gets the
prize, which is the whole point here. The fact that China gets angry at Norway
et al because of a committee in Norway gave the peace prize to someone almost
nobody in China knows about is a bit petty.

~~~
digi_owl
That could be because China looks at politics more like a old boys club than
Norway does.

Then again, there have been some eyebrow raising choices over the years.

------
jgwest
Maybe it's the doing of the U.S. gov't... maybe not...

But in any case, what's the point of keeping the U.S. government's action or
non-action secret?

As the linked piece states:

"If the attack was American in origin — _something the United States would
probably never acknowledge_ ..."

It's sort of like the Doomsday Machine in Dr. Strangelove: it just doesn't
work as a deterrent if you keep it a secret.

Or is all this secret "cyberwarfare" capability that the U.S. government is
secretly building only going to be used in secret?

~~~
vegabook
Your excellent point has a follow on: who exactly is responsible for deciding
when or if such a retaliation is to occur? Is there any oversight? Is there
any accountability? Who are the individuals involved? Which agency is
involved? Is Obama fessing up or not? I am not saying that I agree or disagree
with the retaliation, only that open accountability is necessary, precisely
such that our collective liberty is safeguarded.

If this is not the US, then the cybersecurity apparatus of the US and other
nations must surely provide more information about which entity has the power
to take down an entire country's internet (even if, admittely, this is a small
country that is easy to take down?). We need to know either that this is an
explicit retaliatory attack (in which case, who is deciding the legitimacy and
proportion of this retaliation), or if not, we need to know very clearly that
our cybersecurity apparatus is _aware_ of who did it, and if not, what are
they doing to become aware of such issues in the future (with guarantees of
public disclosure when this is not incompatible with national security).

Basically, we cannot have a situation where signficant swathes of the internet
can be taken down with nobody knowing what's going on, and what the principles
are behind any decisions made. That would be a basic affront to freedom.

Nebulous, intangible entities with the power to perpetrate or retaliate with
no accountability, are extremely dangerous.

I see a significant dearth of information here, information that is in the
public interest whoever is behind it.

~~~
graycat
Supposedly CloudFlare has ways to trace and then block a DDoS attack. So,
maybe they know the origin of the NK DDoS attack if it was a DDoS.

------
yourad_io
Trying to inform oneself about a technical matter through a mainstream news
source is an exercise in frustration.

Maybe my English needs work. Could someone with superior English skills to
mine, please decipher the article and tell me:

Is there any actual evidence of an attack? Has traffic spiked through/from NK?

Or could this be them "pulling the plug"?

Because the first case is: "Someone attacked NK Internet and brought it down",
while the second "NK Internet IPs were \"withdrawn\" from the net".

~~~
oasisbob
Dyn Research (née Renesys) was quoted in the article, and typically posts in-
depth articles when this type of thing happens. [1]

Based on the quote[2], I interpret the failure as someone attacking the
routers themselves, overwhelming their control planes to the point where they
can't sustain BGP sessions reliably.

[1] No post from them yet, would expect it to be at
[http://research.dyn.com/2014/12/](http://research.dyn.com/2014/12/) if/when
they do the full write-up.

[2] "Their networks are under duress,” Mr. Madory said. “This is consistent
with a DDoS attack on their routers,” he said, referring to a distributed
denial of service attack, in which attackers flood a network with traffic
until it collapses under the load."

~~~
hhw
If routers are being directly attacked, the router IPs can just be null
routed, as they don't need to be reachable by the Internet at large to be the
next hop for passing traffic between routers. Some networks use unadvertised
IP space for their router point-to-point and loopback IPs for that reason.
Guess it's not too surprising that North Korea doesn't have better network
engineers.

------
uean
With such a small subnet, the idea that all the various sysadmins who read
this article are immediately going to run a quick ping check to confirm NK is
still down, and that in itself turning into sufficient traffic to DDoS the
entire country, makes me giggle a bit.

------
graycat
Well, NK likely does not have the best electric grid. So, maybe the problem
was just their electric grid! Or maybe the problem was someone clicking on the
wrong icon or push button in some system management software, maybe written in
NK?

But if the _outage_ was from a DDoS from the USG, then I have to regard it as
mostly a publicity stunt: That is, I _have_ to believe that the NSA and CIA
have much better _control over_ , _penetration of_ , NK computing than just a
DDoS!

I mean, NK has, what, bootleg, never updated copies of Win 95, Win 2K, Win XP
SP0, really old IE with lots of ActiveX pages, really old FF and Flash? The
place has to be a computer version of a fire trap without a _firewall_! NSA
and CIA rootkits have to be tripping over each other all over NK like rats in
a garbage pile.

Oh, did someone compare NK with a garbage pile? Oh, how pejorative! I mean,
how could one regard that pinnacle of fashion that gave the world the unique
haircut of the Great Patriotic Leader, Jr.?

Besides, their girls nearly all look so young, that is, small and thin,
possibly because nearly everyone there is thin. Maybe they get a lot of
exercise, aren't very warm in the winters, and don't eat very much, or all of
those.

------
keeran
This all stinks (TBP included) of a media blitz to prepare the greater masses
for further restrictions to their Internet abilities.

"Sure a content filter makes sense, there's a war going on."

------
Rapzid
Obama already calibrated the governments stance on this ordeal when he said
the Sony hack was vandalism and NOT terrorism. I don't believe the government
being responsible for NK's internet problems is in line with that.

He also seemed to believe that the fault for any censorship as a result of the
hack lies squarely within the US.

~~~
zaroth
IMO it lies squarely with the FBI who wouldn't say it was not a credible
threat. If you come to the FBI with a threat, and they say that it's credible,
what are you going to do next?

~~~
Rapzid
After the government told me something about a security threat? The same
government that puts us on these orange and yellow and red alerts and nothing
ever happens? And if something does happen there is no alert, or there are too
many security advisories they don't know which ones are credible and then the
whole incident gets politicised, turned into a blame game, and broken down
into sound bites for Rush and ammo for polarized netizens to spew at each
other turning every comment section on every current event article, ever, into
a partisan war?

Yeah, I'm not sure. But I can tell you I don't know a person alive or an
institution operating today for which I could tell you how I would react to
information they gave me without being fully seeped in the context in which it
was given.

Also, I don't know anything about what the FBI did or didn't say. I just know
what was released(yeah :|) on what Obama said, which was that he would have
liked for Sony or the Movie chains to have reached out.

Ultimately, I think it's a societal issue. Our culture has become terrorized
since 9/11\. We are a bunch of wet blankets. It's a huge problem that we have
no spine outside the military/intelligence community. We just get led around
by the nose.

------
oneofthose
This article reads like an excerpt from a Vernor Vinge novel, in particular
`Rainbows End`. Amazing.

------
jmnicolas
Of course, NK won't be pissed at all and they're not going to retaliate at all
(yeah I know it's probably the goal of this attack).

This might be the first steps of the first cyber world war for all I know.

The only good thing is that only the elite will be affected by the collapse of
NK Internet (no porn for a while). The average citizen probably can't even
grasp what the net is, and none of her life is linked to it.

~~~
jusben1369
Yes can it really be the first cyber war if one side doesn't really have a
cyber presence?

~~~
jmnicolas
They don't need a massive cyber presence to damage others cyber presence.

And for them it's more a matter of pride than real damage done to their
country.

I wouldn't be surprised if they announced that they will start to make some
new missile test soon.

------
luftderfreiheit
What fascinating times we live in.

My interpretation of the general history of warfare is that countries agree on
restraint once some situation has occurred that all sides agree should never
happen again. Mustard gas in WWI, nuclear weapons in WWII...

Hopefully this doesn't spiral out of control. It's not clear where the
boundaries are that we don't want to cross.

~~~
ForHackernews
I'd be pretty happy if governments all decided "cyberwarfare" was an
acceptable substitute for the real thing. Nobody dies, some money is lost,
some important people are embarrassed.

~~~
towelguy
How would they decide who wins?

~~~
slayed0
The smae way they decide in a normal war. They keep going until a treaty is
signed. Typically the side who is worse off "throws in the towel" so to speak
by signing a treaty that holds the favor of the stronger side.

------
kolev
How immature... if it was the US. So, North Korea (we still don't know for
sure) caused hundreds of millions of dollars of loss to Sony Pictures and US
caused how much damage to North Korea (which doesn't care much about the
internet)?... Well, close to $0. How proportional is that?!

------
wahsd
So, has it been 100% confirmed that NK is behind all of this? I don't know, I
realize that NK is like some hormone crazed pubescent boy, but shit just seems
weird.

What if this all turns out to be some trolling by some third party, maybe even
not government affiliated.

~~~
McGlockenshire
> So, has it been 100% confirmed that NK is behind all of this?

There is no actual released evidence, only statements from government
agencies. The information that has been released says that some of the attacks
did originate from servers hosted by NK IP space. That's it.

NK itself says that they didn't do it, and that doesn't match their previous
threatening behavior.

~~~
nether
Al Qaeda also initially denied responsibility for 9/11\. It doesn't really
mean anything.

~~~
jqm
Good point. And to the same point, neither do accusations anymore....

I think there is a lot going on and we don't know anything about it. I'm not
sure if this for national security reasons or because we would be outraged
beyond belief....

~~~
unclebucknasty
> _I think there is a lot going on and we don 't know anything about it._

You said it. You know, NK claims that the movie was USG propaganda. And, to
the average American ear, that notion probably sounds completely nuts on its
face.

But, then, there's this that we learned just a couple of weeks ago:

[http://foreignpolicy.com/2014/12/11/why-usaid-got-into-
bed-w...](http://foreignpolicy.com/2014/12/11/why-usaid-got-into-bed-with-
cuban-rappers/)

Not only do we not know everything that goes on, but it's becoming
increasingly difficult to separate ridiculousness from truth.

~~~
alexbecker
> You said it. You know, NK claims that the movie was USG propaganda. And, to
> the average American ear, that notion probably sounds completely nuts on its
> face.

As it should. There's no need for propaganda against the PDRK, they've done a
pretty good job of making themselves look bad on their own.

~~~
unclebucknasty
> _There 's no need for propaganda against the PDRK, they've done a pretty
> good job of making themselves look bad on their own._

One would certainly think so.

Still, the notion that the USG would even consider involving itself in such a
movie for propaganda purposes is about as ridiculous-sounding as infiltrating
the Cuban rap scene to do the same.

------
downandout
I suspect this to be the work of the US government, but out of curiosity I
wonder if there would be any legal consequences were Sony or another private
party to launch a DDOS attack on North Korea from the US. Obviously no one
would be extradited to NK, but I'm curious if that would run afoul of US law.

If not, it might be fun to create some software or a mobile app that would
keep this going indefinitely. I imagine a "CrashNK" app would get alot of
downloads.

~~~
Alupis
> I suspect this to be the work of the US government

If true, the backlash could be significant. There's already large portions of
the world trying to de-centralize the internet from the US (routing around,
etc) after the Snowden leaks and discoveries of egregious abuses of power over
the internet by the US government. No single country should have the
capability (or right) to knock an entire other country off the internet, North
Korea or not...

~~~
free2rhyme214
I think you don't understand how powerful the US military really is.

We take down governments in our sleep and replace them with our own puppets.

~~~
cubano
_We take down governments in our sleep and replace them with our own puppets._

Except for the fact that the Chinese protect that particular government, and
that makes thing a lot stickier.

~~~
knd775
China is publicly backing away from North Korea. They have said that they will
not come to NK's aid if they do something stupid and get attacked.

~~~
Alupis
> China is publicly backing away from North Korea

It seems to be quite the opposite actually:

> Any civilized world will oppose hacker attacks or terror threats. But a
> movie like ‘The Interview,’ which makes fun of the leader of an enemy of the
> U.S., is nothing to be proud of for Hollywood and U.S. society,” an
> editorial in the newspaper said. “No matter how the U.S. society looks at
> North Korea and Kim Jong-un, Kim is still the leader of the country. The
> vicious mocking of Kim is only a result of senseless cultural arrogance.[1]

[1] [http://www.ibtimes.com/sony-hack-triggers-diplomatic-
tightwa...](http://www.ibtimes.com/sony-hack-triggers-diplomatic-tightwalk-
china-condemns-cyberattacks-without-1764432)

~~~
snogglethorpe
China's position on this particular incident is just a reflexive defense of
the concept of "no interference in other countries' affairs, regardless of how
bad they look" something which China strongly advocates for its own reasons,
not for the benefit of NK.

China's general attitude over the last decade or two has been a gradually
increasing private irritation with NK's behavior and while China still tends
to defend NK in public, these defenses seem more and more perfunctory as time
goes on. There's a sense that while they value NK as a communist buffer state,
the Chinese government has little love for the NK regime in particular, and
wishes they'd get their act together.

------
seanemmer
More informative article from Huffington Post:

[http://m.huffpost.com/us/entry/6367654](http://m.huffpost.com/us/entry/6367654)

------
ElectricMonk79
Cutting off a major source of communication to a paranoid and armed nation
seems like a really bad idea. Ask any horror film director - imagined enemies
and actions are much worse than being able to see the monster.

------
hardwaresofton
No offense (to any who might be vehement supporters of NK I guess, though I
can't imagine there are many), but I can't imagine the NK internet is/was very
big/strong/fault-tolerant.

------
leke
Sometimes I think the US's responses are so disproportionate, if someone was
to actually attack their country, they would respond by attacking the entire
world.

------
Monotoko
Recently a scan of the IP space was put on /r/netsec - I don't think this is
coincidence.

------
ilamont
If this is the work of the U.S., it sets a very bad precedent.

~~~
jmnicolas
I don't think it is : why provoke a country that has nothing to loose in a
cyber war when mostly everything in the US is dependent on the Internet ?

Look at what happened to Sony (even if NK may had nothing to do with it) and
imagine what would happen if NK decided to shut down several US companies
'Sony style'.

The financial damage would be tremendous for the economy.

IMO cyber war is a bit like nuclear war : the goal is not to use it, or life
can become really complicated really fast.

------
classicsnoot
Could this bay some sort of shot across russia's bow?

------
r109
ooh thought this would happen. driverdan called it, reference:
[https://news.ycombinator.com/item?id=8777811](https://news.ycombinator.com/item?id=8777811)

~~~
driverdan
I really hope no one took my question as a prompt to attack them. That wasn't
my intention. I was, and am, genuinely curious about their capacity.

------
curiously
This is as useful as announcing we put an embargo on rolls royce pinnacle
travel. There's only 15 of it and not many people can afford it anyways.

~~~
Houshalter
Which is better, it's the people in power they want to affect.

------
yuashizuki
LOL what a phatetic response, after a attack on the first amendment.

~~~
crazypyro
There's nothing proving it was an attack sponsored by the United States gov't
or even a response.

~~~
yuashizuki
People are writing about it, trying to lift moral. LOL

------
sauere
/edit: posting in wrong thread. sorry. (and stop it with the downvotes!)

~~~
sp332
Wrong article?

~~~
josefresco
Yes, this looks to be his intended thread:
[https://news.ycombinator.com/item?id=8784335](https://news.ycombinator.com/item?id=8784335)

------
lostgame
Okay, seriously - who else is making the weird, kinda unsettling connection
between the recent seizure of the Pirate Bay and this whole 'The Interview'
business with North Korea?

If the Pirate Bay was still online, would 'The Interview' have leaked already?

Is the seizure of The Pirate Bay linked to the intentional suppression of the
release of this film?

Why would the government raiding TPB concede to do this for terrorists?

I mean, I hate to be one of those conspiracy nuts, but - it really seems like
this is all a big distraction for the start of some new strange form of
cyberterrorism.

~~~
btbuildem
TPB is online as of right now, not sure what you mean?

~~~
haakon
It's not online. Perhaps you have been misled by a fake copy?

