Modern field guide to security and privacy

Opinion: Why the US isn't behind the North Korean Internet outage

North Korea has a fragile Internet, with a risk of being disconnected from the Web for any number of minor sneezes. But an attack of this nature can be easily attributed to the US and the administration should be up front about it. 

Vincent Yu/AP/File
At the Kim Chaek University of Technology in Pyongyang, students sat in a classroom with portraits of the country's late leaders Kim Il Sung, left, and his son Kim Jong Il on the wall.

It's unlikely the US government was behind the recent disruption of the North Korean Internet.

First, this kind of "you-slap-me-I-slap-you" response is not the US style. Instead, the Americans are more likely to come up with some epic, uber-technological hack that cleverly inverts the North Koreans internal systems, such as Stuxnet did to the Iranians.

What's more, the US fully supports cross-border flow of information as fundamental under Article 19 the Universal Declaration of Human Rights and a distributed denial of service attack, or DDoS, violates that, limiting people's access to the Internet. Even though the North Koreans have only limited connectivity for the elite, the White House and Department of State would not give up this principle lightly.

The North Koreans have an incredibly fragile Internet, with a very high risk of being disconnected from the global Internet for any number of minor sneezes.

They only have four externally connected networks and just about a thousand Internet addresses. This means the North taking themselves offline would be easy (a la Egypt) but so would an offshore earthquake (such as what on Dec. 26 2006 to most of East Asia) or a deliberate DDoS. With DDoS attack rates starting to top 400Gb/s, there are few networks in the world that can handle a modern attack, and certainly not a nation with such sickly external connectivity. 

Literally, a few kids would be able to pull this off. And most important of all, the four North Korean networks all connect through China. Even if the White House would somehow authorize an attack against the Pyongyang Internet, there's very little likelihood President Obama would approve such an assault on Chinese sovereignty for such minuscule and fleeting national security returns.

It is entirely possible this is good old American patriotic hackers, mimicking the Jester, or Anonymous looking to strike back against North Korea. If so, then the Department of Justice must do like it did at the time of Iraq invasion in 2003 and warn them that the US government "does not condone so-called 'patriot hacking' on its behalf."

It is not in the US interest to legitimize patriotic hacking, which are a Chinese and Russian specialty. They are much better at it than we will ever be (or want to be).

And whether the US did or did not conduct this attack, the government spokesman must say either way. In the face of an attack that can easily (but hopefully mistakenly) be attributed to our nation, it is not acceptable for official spokespersons to insist the US isn't "going to discuss publicly operational details about the possible response options."

Not saying we aren't doing it makes us look guilty; not saying we are makes us look as bad as the other guy. It's an admission that attribution is only a problem when concealing the unjust actions of others. If the US wants other nations to be responsible then it should start at home.  

Jason Healey is the director of the Cyber Statecraft Initiative at the Atlantic Council and a former director of cybersecurity policy at the White House.​


You've read  of  free articles. Subscribe to continue.
Real news can be honest, hopeful, credible, constructive.
What is the Monitor difference? Tackling the tough headlines – with humanity. Listening to sources – with respect. Seeing the story that others are missing by reporting what so often gets overlooked: the values that connect us. That’s Monitor reporting – news that changes how you see the world.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to

QR Code to Opinion: Why the US isn't behind the North Korean Internet outage
Read this article in
QR Code to Subscription page
Start your subscription today