​North Korean internet restored, but still wobbly after 10 hour blackout

North Korea's internet outage comes while the country is in the middle of a cybersecurity row with the US.
Written by Liam Tung, Contributing Writer

Few of North Korea's 25 million citizens will know it, but the country's internet is back online after a nine hour outage.

North Korea, the focal point of US investigations into the Sony Pictures hack, yesterday experienced a severe internet outage that morphed from a few days of "instability" into a full-blown blackout. According to Dyn Research, the full outage lasted just under 10 hours.

The disruption came in the wake of the FBI blaming North Korea for the attack on Sony: North Korea has denied involvement in the attack, but US President Barack Obama said the cyber attack deserved a proportional response.

North Korea's internet is more fragile than most, dependent on just four networks compared to its wired neighbour, Taiwan, which according to Dyn Research, has 5,030 networks. Besides that, North Korea's connection to outside world relies on China Unicom, its only international provider.

According to Dyn, North Korea's internet was restored at 01:46 UTC with traffic "routing through China Unicom, just as before". The company noted today however that the country continues its struggle to stay online, with another outage striking at just before 08:00 UTC.

Still yet to be determined is whether the North Korean outage was the result of an attack or equipment failure, however the timing is feeding speculation the country may have suffered a large distributed denial of service attack (DDoS).

A technical analysis of traffic to the country by anti-DDoS firm Arbor Networks notes several waves of attacks beginning on the 18 December, with the specific ports being targeted suggesting an NTP protocol "amplification" attack that peaked at a relatively low 5.97 Gbps.

According to Arbor, two of the main targets were the Naenera, the official website for the DPRK and Kim Il Sung University. The others were the nation's primary and secondary domain name service servers.

While some are speculating the US government may have had some involvement in North Korea's internet problems, Arbor researcher Dan Holden notes that it could just as likely be the work of hacktivists.

Further reading

Editorial standards