North Korea Hacked Him. So He Took Down Its Internet | WIRED

“I would not want to disrupt real Western intelligence efforts that are already in place on those machines, assuming there is anything of value there,” Aitel says.

Aitel agrees, though, that the government response to North Korea's campaign has been lacking. He says he never received any contact from a government agency and lays the blame for that silence specifically at the feet of the Cybersecurity and Infrastructure Security Agency. “This is one of the biggest balls CISA, in particular, has dropped,” Aitel says. “The United States is good at protecting the government, OK at protecting corporations, but does not protect individuals.” He points out that many of the targeted security researchers likely had significant access to software vulnerabilities, enterprise networks, and the code of widely used tools. That could result, he says, in “the next SolarWinds.”

When WIRED reached out to CISA, a spokesperson responded in a statement that the agency “is committed to supporting the cybersecurity community in detecting and protecting against malicious cyber actors,” adding that "as part of this work, we encourage any researcher that is being targeted by cyber threats to contact the US government so we can provide all possible assistance.”

US government criticisms aside, P4x is clear that his hacking aims primarily to send a message to the Kim regime, which he describes as carrying out “insane human rights abuses and complete control over their population.” While he acknowledges that his attacks likely violate US computer fraud and hacking laws, he argues he hasn't done anything ethically wrong. “My conscience is clear,” he says.

And what's the final goal of his cyberattacks on that totalitarian government's internet infrastructure? When will he end them?

“Regime change. No, I'm just kidding,” P4x says with a laugh. “I just want to prove a point. I want that point to be very squarely proven before I stop.”