Cyberwarfare: US Launched DDoS Attacks Against North Korean Spy Agency
The United States has reportedly been engaged in offensive cyberattacks against North Korea, but with no destructive results. According to a report by the Washington Post, President Donald Trump signed a directive earlier this year of putting pressure against North Korea that involved several diplomatic and cyber-military actions, including using cyber activities against the country.
US Cyber Command DDoS-ed North Korea
The United States Cyber Command, which was elevated to a Unified Combatant Command by the President earlier this year, targeted North Korea's military spy agency, the Reconnaissance General Bureau. The attack was a distributed denial of service (DDoS) campaign with an aim to flood North Korean spy agency's servers with traffic, crippling its access to the internet.
"The elevation of United States Cyber Command demonstrates our increased resolve against cyberspace threats and will help reassure our allies and partners and deter our adversaries," the White House had said when the President had elevated its status to a combatant unit. "Through United States Cyber Command, we will tackle our cyberspace challenges in coordination with like-minded allies and partners as we strive to respond rapidly to evolving cyberspace security threats and opportunities globally."
It is unclear when exactly the DDoS attack was launched and how long it lasted, but the Post said that the operation "was due to end" on September 30. The overall campaign - that included a diplomatic campaign to push other countries to sever all ties with Pyongyang - was started in March, this year.
Choked internet potentially helped US monitor North Korea's communications with international hackers
The officials in the US believe that the campaign wasn't destructive and was merely designed to put pressure on the country. "Nonetheless, some North Korean hackers griped that lack of access to the Internet was interfering with their work," WaPo reported citing an official. While North Korea isn't going to find any vocal allies, the latest DDoS attack does make a point that the United States is capable of crippling an adversary's cyberwar capabilities, even if temporarily.
Russia started providing a second internet route for North Korea, that showed up on Dyn Research according to Security Week. "In effect, it went live with a stable link between Russia and North Korea shortly after the US Cyber Command action finished," the report adds. Analysts believe that with the DDoS attacks, the US could have had two goals: send a warning to the country and push it to reveal its other channels of internet access or use those that are potentially being monitored.
Some, however, worry that the operation - while not destructive when looked through the US officials' eyes - might be taken as an act of war by the North Korean administration that could retaliate against the United States using its critical infrastructure that some believe has already been compromised.
North Korea hasn't been innocent itself when it comes to cyberattacks. "What I can tell you is that North Korea has itself been guilty of cyberattacks, and we are going to take appropriate measures to defend our networks and systems," a US official said. But Eric Rosenbach, former assistant secretary of defense, warned that "there’s accompanying risk of an escalation and a North Korean cyber-counterattack."