When WIRED asked the FBI about its response to North Korea’s targeting of American security researchers, it responded in a statement. “As the lead agency responsible for responding to threats, we rely on the public and private sectors to report suspicious activity and intrusions and work together, to make sure we understand what’s going on, prevent it from happening to others, and hold those responsible accountable,” the FBI said. “The FBI is committed to pursuing the malicious actors and countries behind cyberattacks and will not tolerate the theft or intimidation of intellectual property.”
After his experience as the target of state-sponsored cyberespionage, P4x spent much of the next year on other projects. But after a year had passed, still with no public or private statements from the federal government about the targeting of security researchers, and no offer of support from any US agency, P4x says he decided it was time to make his own statement to both the North Korean and US governments.
Other hackers targeted by North Korea don’t all agree that P4x’s hacking is the right way to make that statement. Dave Aitel, a former NSA hacker and founder of security firm Immunity, was similarly targeted in the same spying campaign. But he doubts whether P4x has taken a productive approach to catching up, given that it may actually be hindering more covert intelligence efforts targeting the same North Korean computers.
“I wouldn’t want to disrupt the real Western intelligence efforts that are already in place on these machines, assuming there’s anything of value there,” Aitel says.
Aitel, however, agrees that the government’s response to North Korea’s campaign has been lacking. He says he has never received any contact from a government agency and lays the blame for that silence specifically at the Cybersecurity and Infrastructure Security Agency. “This is one of the biggest balls that CISA, in particular, has dropped,” Aitel says. “The United States is good at protecting the government, OK at protecting corporations, but they do not protect people.” He points out that many of the targeted security researchers likely had significant access to software vulnerabilities, corporate networks and the code of widely used tools. This could lead, he says, to “the next SolarWinds.”
When WIRED contacted CISA, a spokesperson responded in a statement that the agency is “committed to supporting the cybersecurity community in detecting and defending against malicious cyber actors,” adding that “as part of this work, we encourage any researcher who is targeted by cyber threats to contact the US government so we can provide all possible assistance.”
Criticism of the US government aside, P4x is clear that his hack is primarily intended to send a message to the Kim regime, which he describes as committing “crass human rights abuses and total control over their population.” While acknowledging that his attacks likely violated US computer fraud and hacking laws, he maintains that he did nothing ethically wrong. “My conscience is clear,” he says.
And what is the ultimate goal of his cyberattacks against the internet infrastructure of this totalitarian government? When will he end them?
“Regime change. No, just kidding,” P4x says with a laugh. “I just want to prove something. I want this point to be very clearly proven before I stop.”