Things are getting pretty tense in the Koreas. North Korea has already declared a "state of war" with its southern neighbor, threatened to hit the U.S. with nuclear missiles, severed its lines of communication with Seoul, and on Tuesday, said it is restarting its plutonium-generating Yongbyon nuclear plant, shuttered since 2007. The U.S., already conducting joint military exercises with South Korea, has responded by flying stealth bombers over South Korea and deploying battleships along the coast.
In the latest sign of trouble, North Korea early Wednesday blocked access to the jointly run Kaesong industrial park, located just north of the heavily fortified demilitarized zone (DMZ). Kaesong is an important source of hard cash for North Korea, and its continued operation was seen as a sign that much of the recent saber-rattling from Pyongyang was a negotiating tactic by young, untested leader Kim Jong Un.
With the Korean peninsula one misstep away from a disastrous and bloody war, a branch of the hacktivist collective Anonymous has launched its own battle against North Korea. Over the weekend, Anonymous Korea said that it had taken down several North Korean websites, including Pyongyang's main external propaganda and news site, by hitting them with distributed denial of service (DDoS) attacks. The group also claimed to have hacked North Korean government sites, offering the confidential user records of six of the 15,000 accounts it claims to have swiped from Uriminzokkiri.com, a government site hosted in China.
The "North Korean government is increasingly becoming a threat to peace and freedom," the anonymous Anonymous users write in a statement posted at Pastebin. Then, while noting that the "USA is a threat to world peace too," they list their demands:
- N.K. government to stop making nukes and nuke-threats- Kim Jong Un to resign- it's time to install a free direct democracy in North Korea- uncensored internet access for all the citizens!
And some warnings:
To Kim Jong-un:So you feel the need to create large nukes and threaten half the world with them?So you're into demonstrations of power?, here is ours:- We are inside your local intranets (Kwangmyong and others)- We are inside your mailservers- We are inside your web servers [Pastebin]
Anonymous Korea ends its missive with this threat: "First we gonna wipe your data, then we gonna wipe your badass dictatorship 'government.'"
The first challenge to Anonymous Korea's claims came from a fellow hacker, The Jester, well-known for using his hacking chops to launch cyberattacks against people and groups he considers "bad guys" — WikiLeaks, 4chan, and jihadist websites, for example. North Korea is obviously on his "bad" list, too:
The bigger challenge is from Asia experts, who note that the nature of North Korea's "internet" casts serious doubts on Anonymous' claims to have infiltrated the country's servers or cloistered web environment. Since Uriminzokkiri.com is hosted on Chinese servers, the group offers no proof it snuck into North Korea's digital kingdom, says Martyn Williams at North Korea Tech.
Getting onto the domestic intranet is highly unlikely based on our current understanding of the network. It's believed to be totally separate from the internet with no network link between the two for security purposes. So a proven hack would be very interesting. [North Korea Tech]
Charlie Custer at Tech in Asia elaborates:
Kwangmyong is a North Korean intranet that was established in the year 2000. Although it operates much like the real internet — users use web browsers to surf pages, send emails, etc. — it is actually completely disconnected from the actual internet as a security control. Content from the internet appears on the Kwangmyong network if it has been selected, inspected, and approved by North Korean censors, and there is no way to connect to it from outside North Korea. [Tech in Asia]
But while Anonymous' claim "seems dubious at best," Custer adds, "accessing Kwangmyong is not theoretically impossible," if the group somehow snuck some code past "the censors who scan and scrub content from the world wide web before re-posting it to Kwangmyong," or perhaps infected the computers of the lucky few North Korean officials with access to both the country's intranet and "the 'real' internet."
We'll get some answers soon enough, says Jon Russell at The Next Web. "The next activity for the Anonymous #OpFreeKorea campaign is slated as happening on April 19, at which time we're likely to know more about the kind of access that hackers have to North Korea's internet presence."
Besides, says Russell, "even if this attack wasn't coordinated by central figures at Anonymous, and regardless of how many credentials were grabbed, it shows that the 'hacktivist' community is turning its attention to North Korea." Whether that's good for the people of North Korea whom Anonymous is purportedly trying to liberate, or for South Korea and the world, remains to be seen.
