A bold and sophisticated cyber attack that began last weekend took down government Web sites in both the United States and South Korea, and South Korean officials have blamed their neighbors to the north for the onslaught. South Korea’s National Intelligence Service, the nation’s main spy agency, told a group of South Korean lawmakers Wednesday it believes that North Korea or North Korean sympathizers in the South “were behind” the attacks [AP].
The attack, which began on July 4, brought down the Web sites of U.S. agencies like the Treasury Department, the Secret Service, and the Federal Trade Commission, with some of the problems lasting for days. In South Korea, an attack that began Tuesday crashed sites belonging to the presidential Blue House and the Defense Ministry, among others. In both countries, the cyber strike also targeted a few large commercial Web sites. “This is not a simple attack by an individual hacker, but appears to be thoroughly planned and executed by a specific organization or on a state level,” the National Intelligence Service said in a statement [The New York Times].
The attack was a variant of a common hacker strategy known as “distributed denial of service.” The attacks involved thousands of computers around the globe infected with rogue software that told them to repeatedly attempt to access the targeted sites, a tactic aimed at driving up traffic beyond the sites’ normal capacity and denying access to legitimate users, according to the researchers [Washington Post]. Security experts involved in the investigation have varied in their estimates of how many infected computers were involved in the attack, with guesses ranging from 20,000 to 60,000. Experts have agreed, however, that a large percentage of the computers were located in South Korea.
A total of 26 Web sites were targeted, according to the researchers. In addition to sites run by government agencies, several commercial Web sites were also attacked, including those operated by Nasdaq, the New York Stock Exchange and The Washington Post [The Washington Post]. In South Korea, the assailants also blitzed Web sites belonging to commercial banks, a major newspaper, and the top Internet portal.
80beats: How Seismic and Radiation Monitoring Reveal North Korea’s Nuclear Secrets
80beats: Hackers Infiltrate Pentagon’s $300 Billion Fighter Jet Project
80beats: Electrical Espionage: Spies Hack Into the U.S. Power Grid
80beats: Is the U.S. Government Losing the Battle Against Hackers?
80beats: Russian Invasion Included the First Real Use of “Cyber Warfare”