Modern field guide to security and privacy

Opinion: Why the US isn't behind the North Korean Internet outage

North Korea has a fragile Internet, with a risk of being disconnected from the Web for any number of minor sneezes. But an attack of this nature can be easily attributed to the US and the administration should be up front about it. 

Vincent Yu/AP/File
At the Kim Chaek University of Technology in Pyongyang, students sat in a classroom with portraits of the country's late leaders Kim Il Sung, left, and his son Kim Jong Il on the wall.

It's unlikely the US government was behind the recent disruption of the North Korean Internet.

First, this kind of "you-slap-me-I-slap-you" response is not the US style. Instead, the Americans are more likely to come up with some epic, uber-technological hack that cleverly inverts the North Koreans internal systems, such as Stuxnet did to the Iranians.

What's more, the US fully supports cross-border flow of information as fundamental under Article 19 the Universal Declaration of Human Rights and a distributed denial of service attack, or DDoS, violates that, limiting people's access to the Internet. Even though the North Koreans have only limited connectivity for the elite, the White House and Department of State would not give up this principle lightly.

The North Koreans have an incredibly fragile Internet, with a very high risk of being disconnected from the global Internet for any number of minor sneezes.

They only have four externally connected networks and just about a thousand Internet addresses. This means the North taking themselves offline would be easy (a la Egypt) but so would an offshore earthquake (such as what on Dec. 26 2006 to most of East Asia) or a deliberate DDoS. With DDoS attack rates starting to top 400Gb/s, there are few networks in the world that can handle a modern attack, and certainly not a nation with such sickly external connectivity. 

Literally, a few kids would be able to pull this off. And most important of all, the four North Korean networks all connect through China. Even if the White House would somehow authorize an attack against the Pyongyang Internet, there's very little likelihood President Obama would approve such an assault on Chinese sovereignty for such minuscule and fleeting national security returns.

It is entirely possible this is good old American patriotic hackers, mimicking the Jester, or Anonymous looking to strike back against North Korea. If so, then the Department of Justice must do like it did at the time of Iraq invasion in 2003 and warn them that the US government "does not condone so-called 'patriot hacking' on its behalf."

It is not in the US interest to legitimize patriotic hacking, which are a Chinese and Russian specialty. They are much better at it than we will ever be (or want to be).

And whether the US did or did not conduct this attack, the government spokesman must say either way. In the face of an attack that can easily (but hopefully mistakenly) be attributed to our nation, it is not acceptable for official spokespersons to insist the US isn't "going to discuss publicly operational details about the possible response options."

Not saying we aren't doing it makes us look guilty; not saying we are makes us look as bad as the other guy. It's an admission that attribution is only a problem when concealing the unjust actions of others. If the US wants other nations to be responsible then it should start at home.  

Jason Healey is the director of the Cyber Statecraft Initiative at the Atlantic Council and a former director of cybersecurity policy at the White House.​


of stories this month > Get unlimited stories
You've read  of  free articles. Subscribe to continue.

Unlimited digital access $11/month.

Get unlimited Monitor journalism.