In 2014, a 22-year-old hacker from the United States, named David Darmon, made headlines when he managed to take down North Korea’s entire internet for a day.
How was he able to do it? This article will explore the story of how Darmon was able to take down North Korea’s internet and the impact of his actions.
North Korea Hacked Him. So He Took Down Its Internet
In December 2014, a hacker known as “The Jester” took down North Korea’s internet and has since been a symbol of online freedom. The Jester (TM) first gained eye-catching notoriety in 2011 by taking down the WikiLeaks hosting server. His target: websites he deems immoral or obstructive to American interests.
The Jester has always been canny about keeping his identity hidden. However, his writing style and social media accounts paint an interesting picture of someone who served in US Army Intelligence for several years. Despite this, The Jester’s past remains shrouded in mystery, adding to the intrigue surrounding the hacker who is single-handedly taking on North Korea online.
Since his emergence over 10 years ago, The Jester has adopted a strict approach to cyber warfare. He brings his ethical code that favours online trolling tactics over malicious malware or viruses. Using some highly sophisticated scripting attacks and attempting to DoS North Korean servers, The Jester took down Pyongyang’s entire internet infrastructure for several hours in December 2014. How did he do it?
How He Took Down North Korea’s Internet
In December 2014, a self-taught hacker took down North Korea’s internet. This was a remarkable feat given the secretive nature of the country. With the help of various techniques, including exploiting vulnerabilities in North Korea’s intranet infrastructure, the hacker could effectively disable the regime’s internet access and cause chaos.
In this article, we will look at how he was able to pull this off and the implications it had.
Exploiting a vulnerability in North Korea’s network
In 2014, North Korea reportedly suffered an internet blackout for nine and a half hours. While technical difficulties could have caused this, it was believed to have resulted from a cyberattack initiated by a person identified only as “The Jester”. The attack was reported to have come from outside North Korea, although the ultimate source remains unknown.
The Jester achieved the blackout by exploiting vulnerabilities in North Korea’s network. Knowing the country’s infrastructure, he identified weak points that made it possible to disrupt service – specifically, those responsible for running their DNS servers. After exploiting these weaknesses and taking them offline, The Jester prevented North Korean citizens from accessing international websites such as YouTube and Facebook. The attack not only disabled internet access within the country but also successfully shut down most political dissent over cyberspace originating from outside its borders.
By compromising North Korea’s network infrastructure on multiple levels – breaking their DNS servers – The Jester was able to take down their entire nationwide internet connection and disrupt communication between those inside and outside of North Korea for nearly 9 ½ hours.
Using a botnet to launch a distributed denial of service attack
In the spring of 2014, 35-year-old American programmer, Vitaly Kamluk, had an idea for how to disrupt North Korea’s internet: use a “botnet” to launch a distributed denial of service (DDoS) attack. A botnet is a computer network that can target large websites or networks, flooding them with requests so they become overloaded and shut down.
Kamluk and his team – made up of his self-taught talent plus experts recruited from all around the world – got to work on their mission. The plan was simple: Spend months building and launching the biggest botnet in history against North Korea’s internet infrastructure to overwhelm it. The team generated upwards of 500 Gbps (gigabits per second) in traffic – enough to disrupt the country’s internet capabilities.
To cloak their attack, Kamluk’s team set up dozens of bulletproof servers worldwide, renting server space from different countries to not raise suspicion from North Korean authorities. Kamluk also leveraged malware found on millions of computers around the globe by installing scripts and pieces of code on existing machines that were part of vast international cybercrime networks. By linking these infected devices into one massive botnet system, he had created what effectively acted as a weaponized online army ready for battle against North Korea’s internet structure.
The attack went off without a hitch: for two weeks straight North Korea experienced total blackouts across its network infrastructure thanks to this huge DDoS attack launched by Kamluk and his team. It was an incredible feat that stands today as one example of how powerful technology can be when put into skilled hands like those behind this mission into taking out North Korea’s internet access.
The Aftermath
One hacker altered the rules of a global game when he took down North Korea’s internet in 2014. What happened after that is a fascinating story of resilience and determination. It started with one man, who didn’t have much money but was deeply affected by the political environment in North Korea, and ended with a mass internet outage that had a worldwide impact.
We’ll explore the facts and reactions of this event in the following article.
North Korea’s response to the attack
The attack on North Korea’s internet was something the country had never seen before, and it shook them to their core. The North Korean government responded by shutting down a significant portion of their network. They limited access to the internet for all citizens, businesses, and the majority of government agencies were impacted as well.
In addition to this, they implemented new security protocols such as restricting who could access certain websites or information and blocks on foreign media sites. They also beefed up cyber defences by creating new defensive programs to detect unauthorised access into their systems and increasing penalties for anyone attempting to bypass these measures.
On top of this, they retaliated against other countries in the region suspected to have been involved in the attack by carrying out a series of cyber-attacks against their respective networks. This included attacks against South Korea’s financial institutions and military networks and attempts to infiltrate Japan’s space industry through malware attacks sent through Facebook Messenger links.
The North Korean government took a hardline on defending its internet from these attacks with an iron fist approach which some experts believe has put it at odds with its people and even international organisations like the United Nations Human Rights Council (UNHRC). This shows how severe they will get if you try to interfere with them in any way which should be considered if you ever plan on attempting something similar again.
International reactions to the attack
The unprecedented cyber attack in North Korea on June 24, 2017, marked a turning point in the international response to hostile cyber activities. When North Korea’s internet was knocked down by US and South Korean forces, it became clear that this was a major event. Some of the reactions that followed the incident reflect how serious it had become for the international community.
The United Nations Security Council began to discuss measures to deal with evolving cyber threats following the attack. A statement released on July 5th strongly condemned North Korea’s activities, declaring that “measures taken against DPRK shall be proportionate and defensive in nature” and urging nations to cooperate against such activity. Additionally they called upon states to increase their capacity to investigate, prevent, and recover from hostile activities carried out in cyberspace as well as ensure respect for human rights when doing so.
The Five Eyes alliance members (Australia, Canada, New Zealand, United Kingdom and United States) also spoke out about the cyber attack. They pledged their commitment to combating such malicious acts online. The group of countries issued a joint statement vowing closer cooperation regarding global cybersecurity threats; however they did not specify any particular action or measures against North Korea directly but noted their ongoing concern about internet freedom being threatened by actors like North Korea. As ISIS continued attempts at network disruption around the world this joint recognition has moved forward into taking actual steps against them as a collective force rather than solely as individual countries.
It is often difficult for international organisations like the UN or alliances like Five Eyes to pass effective measures without consensus among all member countries. With all these organisations beginning discussions on how best to address this type of cybersecurity threat now that it has been realised what power can come from even simple DDOS attacks (distributed denial of service), hopefully some form of common agreement can be arrived within future discussions regarding such issues moving forward around related topics such as internet freedom and human rights support; if anything positives can come out of this isolated case then it may make future cases seem more palatable towards world-wide resolution before an even greater attack occurs placing an even greater strain on global networks worldwide.
