North Korea Disappears From Internet For Several Hours in Suspected Cyberattack

North Korea disappears from the internet for several hours
North Korea lost connection to its internet system for several hours after a suspected cyberattack. Pexels / Brett Sayles

North Korea appears to have disappeared from the internet completely for about six hours on Tuesday with several sites believed to have been temporarily shut down after a suspected cyberattack.

Various domain names within the country ending in ".kp," including websites for North Korea's state-run media outlets, began shutting down sometime before six in the morning. The recent outage follows a time of intermittent outages that started on Jan. 14. The incidents continued the following weekend with some outages lasting several hours.

North Korea's Internet Outage

During the outages, North Korean servers became unreachable, which was announced by NK News, a news organization that was dedicated to following developments involving North Korea. The pattern observed throughout the outages suggested that North Korea's IT infrastructure was struck by a distributed denial-of-service (DDOS) cyberattack.

Cybersecurity researcher Junade Ali said that North Korea suffered a "total internet outage" after the suspected cyberattacks. While internet outages were common in North Korea and usually knocked government and state media sites offline. Last year saw a similar incident that used a botched software update last year, Yahoo News reported.

Ali said that, at the peak of the apparent attack, all traffic to and from North Korea was shut down. He said that, if a person tried to connect to an IP address in North Korea, the internet would literally not be able to route their data into the country's system.

Hours after the initial shutdown, servers that handled email became accessible while some individual web servers of institutions, such as the Air Koryo airline, North Korea's ministry of foreign affairs, and Naenara, which is the North Korean government's official portal, still suffered difficulties and downtime.

North Korea strongly limits internet access within its region, and there is currently no information on how many people had direct access to the global internet. However, it was estimated that the figure was at a small fraction of one percent of the population of about 25 million people, Reuters reported.

Suspected Cyberattack

Ali said that, while it was common for one server to go offline for some periods of time, the recent incidents in North Korea showed that all web properties went offline concurrently. The cybersecurity researcher said it was not common to observe the country's entire internet be taken down.

He noted that, if the incident was caused by an electricity outage, the routes would most have likely gone immediately when the router lost power. Ali noted that there were connection timeouts issues and high data loss before the routers dropped. He said that the incident suggested some form of network stress caused the incident.

Nicholas Roy, also a researcher, said that he believes someone either messed something up really bad, similar to what Facebook did a couple of weeks ago, or there was someone behind the incident who had the intent of committing a cyberattack.

Experts have been reluctant to attribute the incident to actions taken by the United States, China, or other countries against North Korea despite speculations spreading that the outages were caused by a third party nation, Business Insider reported.


Related Article:

Pelosi Announces Plans For Reelection as Democrats Face Midterms With Double-Digit Deficit in Poll

Tags
North korea, Cyberattack, Internet, Outage
Real Time Analytics