Tech analysts are struggling to verify Anonymous’s latest alleged hack, in which the group claims it gained a trove of 15,000 passwords from a North Korean news and propaganda site and, more significantly, unprecedented access to the country’s intranet system, its walled-off alternative to the Internet.
Anonymous, the shadowy, loosely defined collective that has dabbled in hacktivism against governments and other organizations, posted a statement taking credit for such a breach. The statement, grandly addressed to “citizens of the world,” proclaims:
Enjoy these few records as a proof of our access to your systems (random innocent citizens, collateral damage, because they were stupid enough to choose idiot passwords), we got all over 15k membership records of www.uriminzokkiri.com and many more. First we gonna wipe your data, then we gonna wipe your badass dictatorship ‘government.’
The statement goes on to list the usernames, e-mail addresses and passwords of six users at Uriminzokkiri, the North Korean state media outlet. But as the blog North Korea Tech points out, three of the names are Chinese, as are four of the e-mail addresses. The other two addresses point to Hotmail and a South Korean company. The site itself is based in China, so the leaked names do not prove Anonymous has accessed any user data from within North Korea itself or from the country's intranets.
Anonymous also launched distributed denial-of-service (DDoS) attacks against several sites, including those of the state-owned Air Koryo, the Committee for Cultural Relations with Foreign Countries and the Korea Computer Center, according to InformationWeek. Per North Korea Tech’s handy Web site list, all of those sites are hosted within North Korea.
That leaves Anonymous’s more serious threat: that hackers successfully infiltrated North Korea's intranets, mail servers and Web servers, including the Kwangmyong network, the "walled garden" internal Web used by ordinary citizens.
“So you're into demonstrations of power? Here is ours,” the statement reads, before listing those alleged hacks.
But some analysts seem to think Anonymous might be bluffing about grave attacks, Kim Jong Un-style, with no real indication they have the resources to carry them out. The claim that hackers have gotten into North Korea’s intranet system has raised a few eyebrows, for instance, since the network is insulated from the outside world and not accessible outside the country. You can't get to it from the Internet because it's not on the Internet. Here’s Charlie Custer of the blog Tech in Asia on Anonymous's claim that "we are inside your local intranets, (Kwangmyong and others)":
Accessing Kwangmyong is not theoretically impossible; it might be accomplished by slipping some code past the censors who scan and scrub content from the world wide web before re-posting it to Kwangmyong. It also might be possible to infect the computers of North Korean officials who are privileged enough to have access to the “real” internet in addition to Kwangmyong (such access is not common and virtually unheard of for ordinary citizens). Without any proof of such access, Anonymous’s claim seems dubious at best.
Analysts and Korea-watchers will get a second chance to check Anonymous's claims on April 19, when the group has planned a second attack under the #OpFreeKorea hashtag. To avoid further action, the group says, Kim need only call off his nuclear plans, provide uncensored Internet for all citizens, install a “free direct democracy” and resign his post. That's all?