Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

12/23/2014
09:30 AM
Sara Peters
Sara Peters
Quick Hits
Connect Directly
Twitter
RSS
E-Mail
100%
0%

North Korea's Internet Restored

Restoration of service weakens arguments that the US was responsible for the outage.

After an outage of several hours, North Korea's Internet service was restored at 8:46 p.m. ET Monday night, weakening arguments that the United States or any other country had hit the country with a distributed denial-of-service attack in retaliation for the Sony hack.

According to Reuters: "Matthew Prince, CEO of U.S.-based CloudFlare which protects websites from web-based attacks, said the fact that North Korea's Internet was back up 'is pretty good evidence that the outage wasn't caused by a state-sponsored attack, otherwise it'd likely still be down for the count.'"

An Internet outage in the US during the holiday shopping season would have a huge impact here, even if it was for less than 24 hours. However in North Korea, where very few individuals have access to the Internet, an outage would have very little impact on the day-to-day lives of ordinary North Korean citizens.

Instead, the outage could have been due to a common technical difficulty or even intentional downtime. Despite its prowess at cyberattacks, the North Korean Internet infrastructure is not robust. The entire country uses only one Internet service provider, and has only about 1,000 Internet addresses.

Its one connection to the outside world is through China Unicom, a state-owned telecom company in China. The company could have shut down the servers used by North Korea -- as US officials have asked them to do -- or launched a DDoS attack of its own, but the Chinese government's official stance is that there is still no proof that North Korea was responsible for the attacks on Sony.  

Sara Peters is Senior Editor at Dark Reading and formerly the editor-in-chief of Enterprise Efficiency. Prior that she was senior editor for the Computer Security Institute, writing and speaking about virtualization, identity management, cybersecurity law, and a myriad ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Technocrati
50%
50%
Technocrati,
User Rank: Ninja
12/27/2014 | 9:19:08 PM
Re: Sony Response ? Business as Usual.

Instead of getting angry to attackers or trying to get even we need to figure it what we do so we can avoid similar types of attacks.

@Dr. T    Couldn't agree more.   What we are actually witnessing is how leaders of industry ( film in this case ) mishandle the "new-age" world in which we live.  I have heard everything from Sony except what they are doing so that this might never happen again. 

I guess they really have no time to answer that question as they are busy working on their latest breech - their Playstation feeds.  

Sony is really becoming a national "eye-sore".    It might be time for those over paid leaders at Sony to actually earn their pay.

 

Don't count on it.

Technocrati
50%
50%
Technocrati,
User Rank: Ninja
12/27/2014 | 9:11:26 PM
Re: Was it really North Korea?

@Dr. T    I hold the same sort of doubt.  Let's be serious N. Korea is not the only place where Sony might be disliked.  Even if it was N,Korea, I am sure they would have been smart enough to "outsource" this particular project. 

And I have a feeling they didn't have to look too hard either.

Dr.T
50%
50%
Dr.T,
User Rank: Ninja
12/27/2014 | 5:10:51 PM
Re: Sony Response ? Business as Usual.
I agree. Instead of getting angry to attackers or trying to get even we need to figure it what we do so we can avoid similar types of attacks.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
12/27/2014 | 5:08:18 PM
Re: N.Korean Outage: An Internet Basics Reminder ?
One path to the outside world through China, it can easily be DDOSed by any cooperation or governments or hacker with a simple set of tools. North Korea does not have an Internet to be targeted by US obviously.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
12/27/2014 | 5:05:14 PM
Was it really North Korea?
 

When it comes to Sonny attack, was it really North Korea? There are independent analysts who argue that sonny attack may not be done by North Korea. FBI did no really release any convincing evidence for many experts.
Technocrati
50%
50%
Technocrati,
User Rank: Ninja
12/24/2014 | 8:33:15 PM
Sony Response ? Business as Usual.

I am also disturbed that the U.S. would seriously consider using any more than the normal recourse for the actions of Sony.  As the President so correctly stated, this is not a reason to declare war.

 

The only war the needs to be going on is within the hallways of Sony's server rooms.

Technocrati
50%
50%
Technocrati,
User Rank: Ninja
12/24/2014 | 8:27:02 PM
N.Korean Outage: An Internet Basics Reminder ?

"...the fact that North Korea's Internet was back up 'is pretty good evidence that the outage wasn't caused by a state-sponsored attack, otherwise it'd likely still be down for the count.'"

 

Not sure I agree with this statement.    I think it was enough in the new cyber warfare world we live in - just to remind the N. Koreans just how the Internet actually works.    Did they get it back from their own efforts or was it restored ?   

COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/6/2020
Ripple20 Threatens Increasingly Connected Medical Devices
Kelly Sheridan, Staff Editor, Dark Reading,  6/30/2020
DDoS Attacks Jump 542% from Q4 2019 to Q1 2020
Dark Reading Staff 6/30/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15505
PUBLISHED: 2020-07-07
MobileIron Core and Connector before 10.3.0.4, 10.4.x before 10.4.0.4, 10.5.x before 10.5.1.1, 10.5.2.x before 10.5.2.1, and 10.6.x before 10.6.0.1, and Sentry before 9.7.3 and 9.8.x before 9.8.1, allow remote attackers to execute arbitrary code via unspecified vectors.
CVE-2020-15506
PUBLISHED: 2020-07-07
MobileIron Core and Connector before 10.3.0.4, 10.4.x before 10.4.0.4, 10.5.x before 10.5.1.1, 10.5.2.x before 10.5.2.1, and 10.6.x before 10.6.0.1 allow remote attackers to bypass authentication mechanisms via unspecified vectors.
CVE-2020-15507
PUBLISHED: 2020-07-07
MobileIron Core and Connector before 10.3.0.4, 10.4.x before 10.4.0.4, 10.5.x before 10.5.1.1, 10.5.2.x before 10.5.2.1, and 10.6.x before 10.6.0.1 allow remote attackers to read files on the system via unspecified vectors.
CVE-2020-15096
PUBLISHED: 2020-07-07
In Electron before versions 6.1.1, 7.2.4, 8.2.4, and 9.0.0-beta21, there is a context isolation bypass, meaning that code running in the main world context in the renderer can reach into the isolated Electron context and perform privileged actions. Apps using "contextIsolation" are affecte...
CVE-2020-4075
PUBLISHED: 2020-07-07
In Electron before versions 7.2.4, 8.2.4, and 9.0.0-beta21, arbitrary local file read is possible by defining unsafe window options on a child window opened via window.open. As a workaround, ensure you are calling `event.preventDefault()` on all new-window events where the `url` or `options` is not ...