Cyberattack disconnects North Korea’s Internet and generates failures across the country

Specialists report that the Internet infrastructure in North Korea is experiencing severe disruptions during the last weeks, possibly caused by a denial of service (DoS) attack. The latest incident took place on Wednesday and lasted for more than six hours.

Researcher Junade Ali, dedicated to monitoring email and web servers in North Korea, mentions that at the height of the attack all traffic to and from North Korea was interrupted due to the cyberattack: “When someone tries to connect to a North Korean IP address, the Internet literally cannot route their data to the country”,  mentioned the researcher.

Hours later, it was reported that the affected servers had already been restored, although some web servers of institutions such as the airline Air Koryo, the Ministry of Foreign Affairs of North Korea and the official portal of the North Korean government continue to experience constant failures.

As you can guess, Internet access is strictly limited in North Korea, so it is difficult to know how many people can access the global Internet in this territory, although experts believe that only a few people of the 25 million North Koreans enjoy this privilege.

Separately, a specialized research group based in South Korea reported that log files and network logs showed that websites on North Korean web domains were inaccessible because North Korea’s Domain Name System (DNS) stopped communicating the routes that data packets should take.

These simultaneous interruptions suggest that behind it all is a DoS attack, a popular hacking variant in which threat actors try to flood a network with higher traffic volumes than the infrastructure can support, paralyzing all operations for indeterminate periods of time.

For Ali, it’s common for a server to go offline for some periods of time, but these incidents have caused all web properties to go offline at the same time. It’s not common to see the entire internet go offline.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.