North Korea internet offline for several hours

The North Korean internet gradually lost connectivity early yesterday until finally going entirely offline in the early afternoon.  Service was restored a few hours later, but speculation immediately centered on the cause being an attack by U.S. cyber-warriors in retaliation for North Korea's probable hack of Sony Corp.

But some analysts believe there are other plausible explanations for the incident.

New York Times:

Experts who monitor the health of the global Internet called it one of the worst North Korean network failures in years. But American officials who had described over the weekend how they were intensely focused on the country’s telecommunications connections through China — and how they had asked the Chinese government for help in cutting off the North’s ability to send malicious code around the world — declined to discuss what befell those connections.

“I guess accidents can happen,” one said in a very brief telephone conversation.

A State Department spokeswoman, Marie Harf, told reporters on Monday, “We aren’t going to discuss, you know, publicly operational details about the possible response options,” adding that “as we implement our responses, some will be seen, some may not be seen.”

There was no definitive way, at least in the short term, to determine whether the connection had been cut, overloaded, or attacked. And security experts cautioned that there could be many reasons for Monday’s failure. North Korea could be pre-emptively taking its systems offline to prepare for an attack, some said.

Chris Nicholson, a spokesman for Akamai, an Internet content delivery company, said it was difficult to pinpoint the origin of the failure, given that the company typically sees only a trickle of Internet connectivity from North Korea. The country has only 1,024 official Internet protocol addresses, though the actual number may be a little higher. That is fewer than many city blocks in New York have. The United States, by comparison, has billions of addresses.

But when the sun rose in North Korea on Tuesday morning, the few connections to the outside world — available only to the elite, the military, and North Korea’s prodigious propaganda machine — were still out.

As the morning wore on, however, some of the connections began to come back after a blackout of nearly 10 hours, though there was still very little traffic, according to CloudFlare, an Internet company in San Francisco.

Those connections to the outside world are managed by Star Joint Ventures, the country’s state-run Internet provider, and almost all of them run through China Unicom, China’s state-owned telecommunications company. They were not operative on Monday, but the causes could include a cyberattack by the United States — something American officials have said they would be hesitant to do if it meant infringing on Chinese sovereignty.

Is it possible that China, fearing that its own internet was at risk because of North Korean shenanigans, pulled the plug itself – perhaps in response to a request from the U.S.?  Anything is possiible.

To be sure, the outage had close to zero impact on the NoKos, so we had better hope that this is not the full extent of our "retaliation" against North Korea.  Considering that President Obama's preferred response to aggression is the "strongly worded letter," maybe we should count ourselves lucky.

The North Korean internet gradually lost connectivity early yesterday until finally going entirely offline in the early afternoon.  Service was restored a few hours later, but speculation immediately centered on the cause being an attack by U.S. cyber-warriors in retaliation for North Korea's probable hack of Sony Corp.

But some analysts believe there are other plausible explanations for the incident.

New York Times:

Experts who monitor the health of the global Internet called it one of the worst North Korean network failures in years. But American officials who had described over the weekend how they were intensely focused on the country’s telecommunications connections through China — and how they had asked the Chinese government for help in cutting off the North’s ability to send malicious code around the world — declined to discuss what befell those connections.

“I guess accidents can happen,” one said in a very brief telephone conversation.

A State Department spokeswoman, Marie Harf, told reporters on Monday, “We aren’t going to discuss, you know, publicly operational details about the possible response options,” adding that “as we implement our responses, some will be seen, some may not be seen.”

There was no definitive way, at least in the short term, to determine whether the connection had been cut, overloaded, or attacked. And security experts cautioned that there could be many reasons for Monday’s failure. North Korea could be pre-emptively taking its systems offline to prepare for an attack, some said.

Chris Nicholson, a spokesman for Akamai, an Internet content delivery company, said it was difficult to pinpoint the origin of the failure, given that the company typically sees only a trickle of Internet connectivity from North Korea. The country has only 1,024 official Internet protocol addresses, though the actual number may be a little higher. That is fewer than many city blocks in New York have. The United States, by comparison, has billions of addresses.

But when the sun rose in North Korea on Tuesday morning, the few connections to the outside world — available only to the elite, the military, and North Korea’s prodigious propaganda machine — were still out.

As the morning wore on, however, some of the connections began to come back after a blackout of nearly 10 hours, though there was still very little traffic, according to CloudFlare, an Internet company in San Francisco.

Those connections to the outside world are managed by Star Joint Ventures, the country’s state-run Internet provider, and almost all of them run through China Unicom, China’s state-owned telecommunications company. They were not operative on Monday, but the causes could include a cyberattack by the United States — something American officials have said they would be hesitant to do if it meant infringing on Chinese sovereignty.

Is it possible that China, fearing that its own internet was at risk because of North Korean shenanigans, pulled the plug itself – perhaps in response to a request from the U.S.?  Anything is possiible.

To be sure, the outage had close to zero impact on the NoKos, so we had better hope that this is not the full extent of our "retaliation" against North Korea.  Considering that President Obama's preferred response to aggression is the "strongly worded letter," maybe we should count ourselves lucky.