Hacker News
I'm the hacker that brought down North Korea's Internet for over a week. AMA (reddit.com)
172 points by consumer451 4 months ago | 151 comments



>Like many other US hackers and security researchers, Caceres had been personally targeted by North Korean spies who aimed to steal his intrusion tools. He had detailed that targeting to the FBI but received no real government support. So he decided to take matters into his own hands and to send a message to the regime of Kim Jong Un: Messing with American hackers would have consequences. “It felt like the right thing to do here,” Caceres told WIRED at the time. “If they don’t see we have teeth, it’s just going to keep coming.”

Indescribably based.


Hardly. He's creating tools that interest state actors with no real means of defending himself or the tools. If he's that concerned he could just destroy the tools, but he wants to have his cake and eat it too.

Then, in response to what should have been an obvious outcome to his actions, he commits what should be described as a "crime against humanity" against the entire communications infrastructure of a foreign country with nuclear weapons.

There is nothing based here. This is stupid with a tinge of greed and ego mixed in.


> '“It felt like the right thing to do here,” Caceres told WIRED at the time. “If they don’t see we have teeth, it’s just going to keep coming.”'

Ask yourself. Do 'hackers' talk like this or military/government employees?

Also ask yourself, is WIRED a 'hacker' friendly magazine or a government affiliated state media?

Some top WIRED offerings

'Former FBI Agent Explains How to Read Body Language...'

'Former CIA Chief of Disguise Breaks Down 30 Spy Scenes From...'

Not to mention reddit and reddit AMAs have been used by government agencies to push an agenda.


The actual content of his AMA makes the whole US government apparatus look inept.

Ask yourself, is this something that a US government agent would do?


only if they are interested in communicating to people who don't like the us government


> Ask yourself. Do 'hackers' talk like this or military/government employees?

He said he thought his tools would be "stolen?" Then this is a lame manufactured pretext which makes it worse. It also makes his actions and broadcasting them _more_ of a crime.

I'm not sure what your point is here.


Glad someone is saying this. Some obnoxious moron putting countless lives in danger to virtue signal has gotta be a new low on the internet retard scale.


Whose lives did he put in danger?

Also, if the entirety of the US government will not protect you from foreign state-sanctioned personal attacks, what should one do? Just sit there and take it, even if one could stop it?

> The State Department has a thing called "Rewards for Justice" and they talk extensively about the NK problem and how we're being hacked all the time. They pay millions for information. I told them "I don't want any of your money, I want you to know who I am [insert wired article here] and that I can literally make any attack coming from the country North Korea stop in its tracks within minutes. Let me grab their response:

> https://imgur.com/a/s-lX6inGA

> Just be ready to be fucking infuriated. They have a bunch of shit about how we need to take on the NK cyber threat. I literally give them a SOLUTION and they say it's not within their purview, go to other intelligence agencies. I told them I FUCKING DID. No response since.

https://old.reddit.com/r/IAmA/comments/1divlp3/im_the_hacker...


> what should one do?

Examine how their own actions were a large part in creating this particular outcome? Then question if they're worth continuing under such circumstances?

> No response since.

Yea, maybe diplomats should lead the charge, and not self important hackers with a desire to "shut down the internet" in a fit of nerdy rage?


I believe that this was an appropriate level of protest on his part.

The reason that I posted this AMA on HN is that a lot of people with influence peruse this website, and it would appear that this person went to intel agencies first, then went to State, and was shut down on all counts. Not just shut down for his personal validation, but shut down as far as potential operations.

I posted this in the hopes that someone with influence would see it, and work to prevent this from ever happening again. This guy tried to go through all the right channels. The US gov failed him, and all Americans, at every level.

Ideally, an intel contact would have responded with: "thanks, I'll make sure that the proper people know about this. Await a reply." Reply: "Please come in... OK yes, we know and will save it for an emergency. Never mention this again. Here is your monetary award, as advertised."

For unknown reasons, that did not occur. After this all happened and got written up in Wired, he is finally getting contact from the appropriate people. Let's not let this go this far in the future.


If North Korea took down US infrastructure we would consider it an act of war. The danger of exposing your devices to the open internet should be well understood by this so-called "hacker".

For him to unilaterally decide to commit an act of war against a foreign nation means he should also be held accountable for it in international criminal court.

Were this any other two nations you might have a different tone. But these are the facts of the matter. He played with fire and if he winds up dead because of it he only has himself to blame. The only people I am concerned about is anyone else now facing danger because of his idiotic actions.


He did not commit an "act of war." He is an individual, who tried to cooperate with his government and was denied.

Meanwhile NK offense regularly attacks him on a nice day, and on every other day installs ransomware on US hospital infrastructure, putting actual lives at risk... All this guy did was shut down their capability to do so.

I am unaware of any law that he broke. IMO, he also did not do anything immoral.


He defended himself against an inept state that regularly shoots random people out of cannons and murders entire family lines of anyone who flees their hell hole.

If NK took down our infrastructure, it would be our fault because we have been warning our corrupt leaders for years and nothing is being done.


But foreign nations are already constantly trying to hack each other.


Do you really think Kim is going to nuke Tokyo or Seoul because a US citizen DDOSed their connection to the internet? I find that .. unlikely


No, but I also don't think this moron should have done what he did. Any retaliation now rests solely on his shoulders.


No attack against North Korea can be considered a crime.


He contradicts himself left and right. In one comment, he writes that they will never come after him, in another that he's seriously concerned. He writes that he has a lot of serious connections in the DoD up to the highest level, and then explains that he has a way to stop any attack from NK, but nobody will even listen to him.


If only those stupid bureaucrats who have probably maintained persistence inside NK networks for the past two or three decades would just listen.


The last two points are not contradictory.


There are a couple good points in the linked Wired article, such as the fact that the Russians, Chinese, Iranians, and North Korea are already escalating attacks on civilian and commercial targets and our restraint isn't being matched.

I fully understand why the US and partner governments won't be able to respond in kind, but there is certainly a lot more that could be done in that domain.


There are people that are in offensive cyber security in the US government, but realistically they have a bit more moral compass than the other state level actors that try and bring a hospital to its knees for the grand goal of making america look stupid for the nationalistic few who might actually care about that sort of thing. There's a saying we have here about never wrestling a pig in the mud: you will both be dirty but the pig will like it.


> that try and bring a hospital to its knees for the grand goal of making america look stupid for the nationalistic few who might actually care about that sort of thing

That the public believes this is our biggest problem from an international policy perspective... (as far as this topic, that is)

These governments are turning a blind eye, if not quietly supporting such because of the sheer economic and social damage.

I know a local hospital group paid 22mil in ransom on top of a lot of days where stuff barely got done.

Iirc United Health said a recent attack was probably 900 million in total costs to them?

It adds up.


[flagged]


Realpolitik is dirty, no one is perfect, just better or worse (for you).


> but realistically they have a bit more moral compass than the other state level actors

yeah, some of those governments have even admitted to spiking their own citizens with LSD to see what happens, and COUNTLESS other things. oh....


When the Soviets shoot down airliners it is because they are evil. When we do it is an accident. Just cheer the parade...


Having worked in this space a while back, every federal gov digital service experiences nation-state intrusion attacks daily and in the 1,000s on the low end. Our gov digital infrastructure has been born under the weight of constant attack.

Responding in kind has minimal value because it’s not a deterrent.


These supposed messages between him and the state department lead me to believe it's either all or mostly exaggerations or lies: https://imgur.com/a/s-lX6inGA

Maybe it's just my lack of knowledge of some regionalism, but doesn't it seem very odd that a technical person would use "in the open source", to refer not to code, but to a PR article on some news website?


I was getting kind of similar vibes. When they reveal the story, it’s basically “traceroute identifies 2 choke point routers, and I DDoSed them with traffic”.

That’s cool and neat for guerrilla warfare, but I would assume the NSA and DoD are already aware of that possibility? I wouldn’t even be surprised if they saw the DDoS happening on network monitoring tools. Why clandestine meetings for that?

I get why the media is interested, it’s an awesome story.


I imagine the NSA has a fully mapped out network layout for most major foes continuously updated in some sort of inventory database but for enemies, the same way they track large military gear and in which bases it's at for their enemies. So yeah this seems very strange.


NSA and similar agencies are probably even mad at him, because he exposed the weakness that they could have exploited when needed, which is probably now patched.


> NSA and similar agencies are probably even mad at him, because he exposed the weakness that they could have exploited when needed, which is probably now patched.

Then they should have caught this when he came forward to multiple agencies, and was told that no one cared.

Please see my related comment as to why I submitted his AMA to HN. It's to bring to light this egregious lapse in US gov procedures:

https://news.ycombinator.com/item?id=40733355

Disclaimer: I do see the possible benefits for citizen liberty, where all agencies do not share every interaction with citizens. However, when a US citizen volunteers something actionable, there should be a special cross-agency path.


> It's to bring to light this egregious lapse in US gov procedures:

There is no lapse, egregious or otherwise. This kid is playing in a game he doesn't fully understand, and likely just annoying people who have been playing the game a lot longer and at a deeper level than he is.

He thinks being able to DDoS chokepoint routers with $5000 worth of VMs to spam traffic is an amazing discovery. It isn't. That's why no one cares.


They don't care for a couple of reasons.

The first is that it was already obvious to anyone who has worked with large-scale networks even before firing up traceroute. It was already widely known that North Korea has bad peering, because nobody but China wants to peer with them. The US is where most of the major cloud companies are headquartered (i.e. resources can be commandeered), and the defense budget would support an _enormous_ DDoS attack without even flinching.

Secondly, denial of service attacks are worth much less to governments. They have the capability to physically break infrastructure either obviously with bombs or clandestinely via who knows what. They don't _need_ a DDoS to deny service, and it's certainly not their most effective way to cut off communications.


See OSINT. It's well established terminology.

https://en.wikipedia.org/wiki/Open-source_intelligence


It's a weird term. My impression is that it mostly means "randos LARPing spies", though there's a commercial angle too, it being to intelligence what PMCs are to the military. May or may not be called after "Open Source Publishing, Incorporated", featured here: [0].

--

[0] - https://irp.fas.org/congress/2005_hr/062105jardines.pdf


it is not a weird term, and is absolutely a thing. a big deal in 2024, really.

back in the day it was just "reading the newspapers and talking to the local cab drivers", but in 2024 you're scanning forums and social media, on top of news sites.

go to a military-related subreddit and start asking questions about stuff, and you'll eventually get an expert to chime in. Make wrong & stupid claims and then have them slap you down and spill some details -- that's how they got dudes to release classified tank info in Warthunder.

dudes in Palestine and in Ukraine are getting killed because they post selfies and tweets that have GPS coordinates in the metadata. Not hidden behind any top secret firewall, easy to find if you're checking VK or Instagram, but very real implications for dropping bombs.

OSINT is also absolutely a thing in Cyber, where you can get a lot of details about a target by reading their press releases -- "Corp X signs big new deal with Oracle" -- which can give you a new attack surface. Phishing, on a long, broad timeline, has a very high success rate, so go onto Linkedin and start connecting to people. Figure out their tech stack, create a Sales Guy account, and start reaching out to Architects and Managers, and then map out the teams that might have elevated access...


> OSINT is also absolutely a thing in Cyber

First time I see "cyber" used as a noun. Is that short for "cyberspace", i.e. the internet, or is it something else?


the military uses it to describe all things relating to the internet, the rest of us used to use it to mean cybersex, which is why you mostly only ever hear it from military folks and c-suite type people now and the rest of us kinda chuckle under our breath every time they mention it.


Five-sided thought is a hell of a drug, are you _sure_ you want to know?


Cybersecurity I think.


https://www.foreignaffairs.com/world/open-secrets-ukraine-in...

To summarize, there are many people in government who are interested in open source intelligence.

Traditional sources of intelligence are gathered with secret means and therefore must be restricted in distribution to prevent burning the source. This means you can have the best possible intelligence but be unable to a) act on it or b) distribute it to people who can.

The value proposition of using open-source intelligence is that you can distribute it very widely to decisionmakers since it's already "out in the open". Intelligence isn't about hoarding secrets for the sake of such; it's about getting information to people who can use it.

The political issue is that people assume that "secret = higher quality" when there's no inherent value to secrecy. So, spy agencies overinvest in secret-gathering, get a ton of info, and are unable to do anything with it.

Meanwhile, if someone posts a tank manual on the WarThunder gaming forums you can give that to every soldier that might encounter that tank.

This is doubly important in tech because many big tech companies play a significant role in national security but cannot get intelligence that would help protect them, and by extension, American interests.


Ye they are larpers that sell security consulting etc.

It is a scam. Especially attribution of hacks to states that are on the Washington shit list. There is just no way to know.


Thanks, never heard this in just technical circles but haven't been close to any security work.


I'm a little confused by the news stories about this. Did he take down their country-wide network, or just the few lines in and out of the country? It seems like he just hit a few NK websites and then everything stopped responding to him. It's like cutting the uk-europe power links and saying you took down all of the UK's power infrastructure


Only the lines in/out. NK has their own intranet which is completely separate from the global internet, which was presumably entirely unaffected by this.

https://en.wikipedia.org/wiki/Kwangmyong_(network)


So not really much effect on the system then, overall


> North Koreans often find it more convenient to access sites by their IP address rather than by domain name using Latin characters

Don't blame them. Enom fees are extortionate. And when DNS breaks it still works.


Related:

North Korea hacked him, so he took down its internet - https://news.ycombinator.com/item?id=30180566 - Feb 2022 (238 comments)


I'm shocked that he shows his face and identifies himself willingly


I worked with him briefly on another project and he was pretty comfy and open about the whole thing. In fact I think I remember him mentioning doing a talk at a conference about it. He's a genuinely nice guy and fairly laid back about things. NK regime maybe is annoyed with him, but there is an almost zero probability of them being able to do anything other than digital harassment to him.


Considering they have performed assassinations outside of their soil, I would be slightly concerned.


They assassinated a potential rival for the throne. The situations are not even remotely similar.

Killing a US citizen on US soil would not go down well.


India killed a Canadian citizen on Canadian soil... What exactly would the US do to North Korea that we haven't done already?


The film The Interview was released in 2014. Ten years later, Seth Rogen and James Franco are still alive.

> North Korean state media threatened "merciless" retaliation for his depiction in the film. Seth Rogen responded, "People don't usually wanna kill me for one of my movies until after they've paid 12 bucks for it."

https://en.m.wikipedia.org/wiki/The_Interview

Where is the merciless retaliation? Keep in mind this film has a graphic scene where Kim Jong Un dies…


Big "lifelock" vibes...and if I understand it correctly, that lifelock character has had his identity successfully stolen and impacted multiple times.

Sometimes the person who says "I'm really smart, like mensa level", does some really ignorant and stupid things.


Sometimes you're also just hoping to find someone or something out there that interests you.


The hacker doesn't understand what they're getting themselves into, especially bragging about it. The hard part about going up against an entire nation/state is that it's relentless. The state never gets tired and never runs out of money, they could setup a team of people to 'work' on that individual and also potentially his present and future family members for a very long time. They can keep replenishing their teams with more people. The state always has a few people to spare for high-exposure targets. The leaders of that state might even forget about the existence of the individual but the operation will keep going until it's canceled... But since they forgot about the operation in the first place, it will keep going until there is some kind of broader administrative restructuring, cost-cutting or something... Which could be a long time away. Few things are more terrifying than totalitarian state bureaucracy.


Yep, it seems way too many people know who he is irl. I would not sleep well for the coming decade at least.


Eh, he’s probably safer than if he’d hacked a cartel. North Korea isn’t known for its tradecraft in the United States.


While it's true that North Korea's tradecraft within the U.S. might not be as sophisticated as some fear, the situation isn't so straightforward. Given the significant public exposure of this case and the individual's prior connections within the U.S. government, NK would need to carefully weigh their options.

I would wager that if NK would attempt to harm this hacker it would be through using third parties like cartels or local gangs. This could offer NK plausible deniability and physical access to the target, but it also complicates their operational control and increases the risk of exposure. The calculus for NK would include considerations such as:

- The individual's public and former government status, which might provoke a stronger U.S. response if harmed. NK would have to vet the hacker's assertions that he still has meaningful and significant contacts within the USG.
- The cost and complexity of outsourcing such an operation discreetly.
- The types of U.S. responses that might follow, from diplomatic measures to cyber counterattacks.

While an attack via third parties is plausible, and given these factors which I am sure there are others I haven't considered, it would require NK to balance the benefits against the potential repercussions and the likelihood of successful attribution. But I am very confident that if they do follow through it will be using a cartel or local gang as proxy for the reasons I mentioned.

P4x's public disclosures and technical skills make him a unique target, but as he himself noted, the operational capabilities of North Korea within the U.S. are limited. It's a nuanced threat landscape where indirect methods might be considered but are not guaranteed to succeed without significant risks.


Yeah and North Korea is known for punishing family members. It's just foolish to brag like that. Probably worse than the hack itself.


Yep and I mean... don't we all remember the assassination of Kim Jong-nam outside of North Korea in a Malaysia airport?

who knows if NK will do it again, but showing his identity so that NK knows who they should target is really stupid


Redditors will do literally anything for social validation


Someone engrossed in digital foolery not understanding how the real world works is so stereotypical I wonder if there's more to this.

Incidentally for anyone who's actually paying attention, the first rule in covert actions is being and staying inconspicuous. The real world isn't like Hollywood where people working in the shadows can become celebrities as a side gig.

I hope this guy has a really good security detail now that he painted such a biglyarse target on himself. God damn, man.


> the first rule in covert actions is being and staying inconspicuous.

Some hacker movie said the problem is when you brag about it, and you desperately want to... and just looking at his post with the edits, he really is metaphorically jerking off to how awesome he is.

Holy frakk, he's even posted his face on that post. GOD DAMN! I half look forward to reading about how 2 women were fooled into pranking^W assassinating him (1). I hope dude isn't thinking of travelling to Asia anytime soon.

1) https://en.wikipedia.org/wiki/Assassination_of_Kim_Jong-nam#...


100%. Maybe he will get a job with US intelligence or something, that could provide some safety. People should take this stuff seriously. As you say, it's not like in the movies. Hollywood continuously trivializes the enormous power wielded by states. There are some enemies you really don't want to make.


Such an attack is, IMO, morally dubious.

North Korea is a poor country with millions of starving citizens, and rather than sending food aid, you broke down their only comms to the rest of the world?


The starving, and heavily repressed citizens do not have access to the internet in NK. This attack did not affect any of them to any extent.

Whom it did affect a bit, hopefully, were the people complicit in the repressive dictatorship that runs the country.

The repressive dictatorship that engages in, among many other bad things, scams and online fraud to partially finance the country. For this they of course use the internet. So, taking them off-line for a week may have prevented someone from getting scammed. Good result.


> attack did not affect any of them to any extent

Probably didn’t. Can’t say definitively. Shipments of critical resources could have been disrupted, et cetera.

Doing this with zero context was probably reckless by this hacker. It also likely had zero real-world consequences.


> Good result.

There's rarely such a thing as a clear, objectively simple 'good result' for this sort of action because outcomes have knock-on effects. For example, if the North Koreans responsible for maintaining internet access were executed over this that diminishes the result significantly.


Good point, but the original comment was about whether the hacker was morally dubious, not the outcomes. If a bad actor does bad things because of what you did, you're not morally responsible for it — he is.


Yes and no.

Only the elite in that country has access to the Internet. The starving citizens do not have access to the Internet, and even if they do/did, they're so heavily monitored the minute they even glanced at something controversial they'd be shipped to a concentration camp.


> Only the elite in that country has access to the Internet.

Sure, but then the overall population might be depending on it indirectly.


How much did you indirectly depend on Golf Digest when President Trump was reading it in office?


It depends what the 'hacker' took down. They have their own intranet that is available for more or less all citizens since 2022


It's not like he went in out of pure malice or anything though, they were trying to hack him first. Not saying it's some morally pristine thing, but it definitely communicated what it was trying to communicate.

As an analogy, we should have empathy for homeless people stuck in poverty, but if one of them continually bikes to your house and tries to break in, is it morally dubious to eventually take their bike chain rather than just shooing them away each attempt? I imagine the moral razor would fall on similar lines.


Regarding your analogy: I think it would be more like taking the bikes of every homeless person as opposed to just the one. Would that make it more or less morally dubious?


I don't think it's quite like that, since there's no direct action aiming to antagonize poor North Korean citizens; they are suffering indirectly due to the harm done to the actual target.

In the homeless analogy, maybe the attempted-robber's friends go hungry, since he usually uses the bicycle to go to the grocery store.

To me, I don't imagine this changes the calculus much, since almost any intervention will have side-effects.


To those downvoting, I'd certainly be curious to hear why.


I don't agree. Did you send food aid to North Korea? And if you did, are you sure it was not used to feed the guards? I find sending food instead of trying to destroy the regime a morally dubious thing to do for exactly this reason...


Food aid rarely reaches the people who need it. The North Korean regime is notorious for diverting aid, or selling to finance its nuclear program. Responsible food distribution requires careful monitoring, which the regime rejects. https://www.reuters.com/article/idUSSEO369467/


Any attack on any sufficiently large structured system will indirectly harm those who depend on it, irrespective of how unjust, dangerous, and/or corrupt it might be. That does not make resistance inherently immoral. If we permit these institutions to take their subjects as hostages and refuse to confront that kind of monstrous behavior for what it is, we permit those institutions to continue abusing their populaces forever because they will never stop of their own volition.

Every resistance action carried out by every resistance group against tyranny throughout history has been washed in the blood of people who did nothing wrong.


I agree with that statement. What's the point in embarrassing that regime. Some IT guys might get in pretty serious trouble now. Good that you found out though, impressive work.


They are a heavily sanctioned criminal country that is openly aiding a genocidal regime. If anything is then your comment is morally dubious.


[flagged]


Probably not a fabrication, depending on what you see as a reliable news source.


Why isn’t he in prison? I mean, going by the West’s own laws, or the spirit of them, anyway. Unless he is part of said West’s Armed Forces, in which case this would get really close to a casus belli.


> Why isn’t he in prison?

Not an enforcement priority for the same reason a lot of domestic abuse goes unprotected: the victim is uncoöperative.

> going by the West’s own laws, or the spirit of them, anyway

Pyongyang and prosecutors would have to show he attacked a “protected computer” under the CFAA [1]. Given the two routers he allegedly overwhelmed were internet connected, that shouldn’t technically be hard under Trotter and Kane. But it would be a novel expansion of interstate commerce to encompass a country with whom Americans cannot legally trade, i.e. do commerce.

Put another way, North Korea’s status as a sanctioned country might put this into a legal grey area—it might not be criminally punishable. To settle that question would take a lot of prosecutorial resources. It’s not clear those are well spent on a case where the witness won’t coöperate.

[1] https://www.coreyvarma.com/2015/01/what-is-the-computer-frau...


I can imagine he did piss off some agencies? I mean other states could have mapped NK's whole infra, made a plan to take down NK's internet when "needed" (i.e. in case of some event)... Then some dude triggers it just for fun...

Some things are too big to just mess around with, I would feel extremely vulnerable having pulled such a stunt.


> can imagine he did piss off some agencies

Sure. But OP asked why he isn’t being arrested. Plenty of people piss off the IC when they publish e.g. long-coveted (and independently discovered) zero days, or write an exposé on something an agency was hoarding for interagency political value.


or easily spy on ALL internet traffic, which they probably do anyway


Privateering is back, baby!


It's already back, Russian, Chinese and North Korean hacking groups receive state funding and cover.


> Privateering is back

Good point: a final hurdle inhibiting criminality is his lack of profits. No disgorgeable gains. That means you’re only left with damages, which again, requires the victim’s coöperation to assess.


there is a lot of 'looking the other way' when it comes to people hacking 'adversaries'. Just look at people going at Russia's network now. western authorities aren't exactly busy trying to stop that. i imagine similar priorities for NK, China and other places.


> Why isn’t he in prison?

He very much could, if politics changed. The US hates NK not because they are authoritarian but because they are not aligned. If they were to be aligned, and this guy didn't act on proper authorization, he could find himself in hot waters in the USA.

Plus he might have broken a bunch of "international" rules which could see him in trouble if he was to travel to some countries.

It is really reckless; but then there is a good chance he was acting behind some agency.


> there is a good chance he was acting behind some agency

Almost certainly not. The vector would have been saved. And he wouldn’t have maintained this public profile ex post facto.

Consider, for example, taking it down during today’s state visit? (After you’ve quadruple checked that the Russians have independent connectivity.)


"the West" has to keep some degree of not officially caring to avoid being backed into a policy corner and has no incentive to take law enforcement action when threat actors in those other countries operate with impunity.

We're already well into casus belli territory with NK, but nobody wants to go there: https://x.com/tarah/status/1798036415932187127


That link doesn't really explain what exactly it's talking about, it's a single reply with the original post invisible and all replies invisible. It speaks of a cyberattack without mentioning which one.


It works for me? That's normal behavior if you aren't signed into Twitter :(

Summary of thread: Society doesn't handle 2nd order consequences well. NK cryptolocker attack on healthcare-involved systems in British hospitals disrupted treatment to the extent that hundreds of people died who probably wouldn't have.

Expanding on that: Organized crime groups located in and sometimes tasked by RU SVR & GRU (not to mention NK state groups) have caused sufficient disruption to US healthcare systems to have indirectly caused more US Citizen deaths than the Sept 11 attacks. Right now cyber that does not directly cause destruction such as making buildings blow up or poisoning water supply is treated as just an annoying white collar crime.

I don't think anyone wants the US Government to be in a position where their options are to admit powerlessness or get proportional against nuclear armed states.

Somewhat related: https://blogs.icrc.org/law-and-policy/2023/10/04/8-rules-civ...


Because one of the 3 basic principles of sovereignty (as is understood by western political philosophy, known as Westphalian sovereignty) is that there is no other authority inside a State’s borders except its own.

This means no other country has jurisdiction in North Korea, besides, there’s also no incentive to help in case DPRK asks for help.

France doesn’t investigate crimes that happen in Spain, Portugal doesn’t investigate crimes that happen in Canada, the USA doesn’t investigate crimes that happen in Germany, etc…


> western political philosophy, known as Westphalian sovereignty) is that there is no other authority inside a State’s borders except its own

You’re citing centuries-old political philosophy, only remnants of which remain in our world [1].

The West that arose after WWII and through the Cold War is decidedly non-Westphalian. Concepts like human rights, non-proliferation and self determination are non-Westphalian. The Nuremberg trials were anti-Westphalian.

The closest modern analogues to (and proponents of) Westphalian philosophy are Russia, China and North Korea.

[1] https://en.m.wikipedia.org/wiki/Westphalian_system


These "proponents" seem less strict about applying this philosophy to states other than their own.


The Westphalian treaties gave France, Sweden and later Russia the explicit right to intercede to guarantee the Imperial constitution [1]. (Westphalia was concerned with the Holy Roman Empire.)

Westphalian sovereignty as a historical concern is a myth [2].

[1] https://en.m.wikipedia.org/wiki/Guarantor_of_the_imperial_co...

[2] https://www.cambridge.org/core/journals/international-organi...


>France doesn’t investigate crimes that happen in Spain, Portugal doesn’t investigate crimes that happen in Canada, the USA doesn’t investigate crimes that happen in Germany, etc…

https://en.wikipedia.org/wiki/Interpol

https://en.wikipedia.org/wiki/Europol


Remember this guy didn't fly to DPRK, he committed what could be considered crimes under CFAA while on US soil? (CFAA written broadly enough that taking a country offline could be considered to affect foreign commerce/communication of the US)


The FBI has offices around the world.


[flagged]


Well, if DPRK wanted to bomb countries so bad, they could be allied with US and NATO


Russia wanted to join nato, but nato wouldn't let them. Why would N korea even try then?


> Russia wanted to join nato, but nato wouldn't let them.

That's not true. You will not find a single law approved by Russian Duma that sets it as a foreign policy goal like in countries that did choose to join NATO.


Putin, at least, says he wanted to join NATO back in 2000 (according to the Stone interview). But he put it, "the U.S. delegation got very nervous."

Granted this was well before his total Machtergreifung, and he definitely was not equated with "Russia" at the time like he is now. But that's his telling of events, in any case.


Because the "rules based order" means a different set of rules for different situations.

If it's something "we like", then it's ok, if not, then prison.

Same for geopolitics... in one case, we care about territorial integrity, that minorities should not secede, and in others we help with the breakup of countries... well.. or in some cases, we act as if nothing is happening at all, and no one wants to break away at all :)


Come on, Serb, tell them how things stand; I try, but I'm always flagged :)


It would take someone that wanted to prosecute him. If his story is real he deserves a medal and possibly a job at the NSA/CIA instead of a court date.


Has NK asked to extradite him? Maybe a swap for the Sony hackers?


Don't worry, the North Koreans, if sufficiently pissed, will take care of him.


No no no, ofc it's morally justified to do such a thing against impoverished nations! After all, if they are subjected to famine-inducing embargoes, they probably deserve it!


Self imposed poverty due to the authoritarianism. They’re the bad guys, we care less if bad things happen to them.



I hope no poor IT engineer in NK and his family for 10 generations is going to be sent to work camps because of this joke.


The only person to blame for that behavior is the chaotic and capricious dictator taking these actions against the population he is oppressing.


just like car manufacturers are the only people responsible for accidents on the road?


No. Not at all.


So if it was down, how did it affect global security metrics?


This is a good point that no one has really pointed out based on my skimming, except for the OP saying they could stop all NK based attacks, which I’m guessing is based on blocking the 2 country routers.

However, a minimal amount of cyber attacks probably actually originate from NK directly. It’s known the NK hackers are trained in China and attacks probably flow through compromised VPS accounts, VPNs, open proxies, and open SOCKS-5 located around the world.

The NK hackers could be sitting in NK using the systems I referenced above to do their attacks and were not able to because they couldn’t connect to the internet. Maybe so, but they are most likely usually sitting in China and other locations.


It’s legal to hack North Korean infrastructure? Might be a good way to test out your hacking skills.


Sounds like a terrible way. One screw up, and then you have one of the worst nations on earth in every metric with an axe to grind against you. No thanks. Meetups in Vegas hotels seem a lot safer and more fun to practice hacking skills.


Talk about delusions of grandeur. He knocked a few public facing HTTP hosts offline, amazing! I can “bring down North Korea’s internet” aka a few public hosts for a week too if I rent Lizard Squad's stresser for $400 a week. What’s supposed to be impressive about that?


No, he knocked out the two routers serving the entire country. NK sites were inaccessible to the outside world, and outside sites were inaccessible to NK.


But very very few North Koreans even have access to the internet. Regular people just have access to a local intranet with censored information.

That exercise that Russia did a few years ago to see if they could function cut off from the internet? For north Korea that's the regular self-imposed status quo. I don't think it will have had much impact on daily life there.


But it would have had a big impact on the lives of the elites in the country, which are the people you want to hurt to put pressure on the regime.


How much exposure of the regular internet do North Korean hackers have? What are the odds of turning them?


None. This was a middle finger to the NK State apparatus and that's about all.


Not true, there are/were North Korean hackers actively using platforms like Hackerone and other lesser known SaaS that haven't implemented KYC for training.


I think this was a pretty stupid joke. Especially if the OP is an individual. Making a nation state your adversary as merely a sole individual is something you never ever want to even risk. Any rational human being (not just hacker) would know or recognize that. Very often it is ego that directly leads to doing irrational actions like this.


North Korea was already targeting him. The hack was in retaliation.


>> JDdoc: Once you knew you had access, did you make a point of saying “I’m IN!” out loud, even if no one was in the room with you?

> dotslashpunk: lol, no I only say that during either sex or when I'm able to join a meeting successfully with my microphone and speakers actually working. Both are rare.

Talented and funny. He's wearing his newfound fame well.


Is anyone mining bitcoin in DPRK?


Even if they really wanted to there isn’t enough electricity in NK. Lots of articles written about the minimal amount of emitting lights seen at night.


I highly doubt that, it’s quite a lot for the system to power the 1% elites, the palace, and the ballistic missile factories.


Which is why it would be so interesting


It's 100% clear why his initiative was buried. The guy is a reckless egomaniac jerk. He is very transparent that he would do illegal stuff on a whim, target civilians, escalate conflict with other nations without even consulting a superior, and then reveal his face to the whole world, spilling secrets left and right, for a minute of internet publicity. And do a reddit AMA. And put "I am single LOL" there, showing just how much he can be trusted with leading a government cyberwarfare task force.

What I read is that guy did a clever DDoS, which is mildly impressive, and decided to become a twitter celebrity/NK assassination victim. I am no hacker, but I expect real hackers to be laughing their asses off.


Had it been any other country (as long as not opposing the western bloc), I wonder if he would be able to be so open and vocal about it.

two wrongs don't make a right, usually.


I'm unsure on the ethics of this.

Yes only the elite have the internet, but also the internet is likely used internally for communication, which is important for resource distribution.

I don't give two shits about the elite in NK, but the starving folks living there have my deepest sympathy.

I'm lucky to have a lot of advantages, and I can't help but see many of them as an accident of birth.


> I'm unsure on the ethics of this.

I think I can make it simple. Would love to hear of any cases refuting this.

If the country is on the US State Department's 'Sponsored' program list (currently DPRK, Iran, Sudan, and Cuba) it doesn't count. Florida terrorism ok, you get a pass and called a hero: https://en.wikipedia.org/wiki/Luis_Posada_Carriles

Comparing to another more recent Florida-originated attack against a poor country, the assassination of Haiti's president. Haiti is not on that country approval list, go directly to jail: https://www.justice.gov/opa/pr/four-florida-men-arrested-plo...


So basically the elites are using the internet to control (feeding) the starving folk.

No internet means less control. Brings them closer to the starving folks level, more chance of actually being a "people's republic" then. There's not much government worth salvaging in that country, basically an army.

The only loss would be them improving their security now. Other world governments may have left that vulnerability untouched purely in case they need to use it at a later stage.


The only person responsible for the starving people in NK is their dictator that keeps them in those conditions.


The thing I took away from this is that Putin is visiting a country with two routers running their whole internet, and these are his partners.


Nothing about this ama/article suggests that NK is anything but a Potemkin country - a false baddie for others to hide behind. The NK idea is useful to agencies, in certain circumstances.


> Potemkin country

Maybe they’re another Russia, their tanks and artillery all crumpets. But maybe not. They have a lot of them on paper [1].

[1] https://en.m.wikipedia.org/wiki/List_of_equipment_of_the_Kor...


They have missiles and nuclear weapons.



