South Korea again hit by cyber-attacks, as search for hackers intensifies
An employee of AhnLab Inc. watches a screen at the Security Operation Center in Seoul, South Korea on Thursday. South Korea was on a high alert Thursday after a massive cyber attack on key sites in the South and the United States fueled suspicions of North Korean involvement.
Ahn Youn-joon/AP
Even as a fresh wave of cyber-attacks today hit South Korean networks, computer analysts around the globe were predicting that the worst of the storm is over. According to media reports from Seoul, several institutions in South Korea were targeted Thursday, including Kookmin Bank, one of the country's largest corporations.
Skip to next paragraphRecent posts
-
05.25.12
$75 million? Apple CEO Tim Cook says, 'No thanks' -
05.25.12
Google releases data on piracy, takes copyright infringement pretty seriously -
05.25.12
Facebook Camera for iPhone takes best of Instagram -
05.25.12
With Axis, Yahoo wades into the browser wars -
05.24.12
IBM bans Siri – and probably for good reason (+video)
But officials in South Korea suggested that security programs had effectively blunted the assault, and told reporters that most sites were up and running at normal levels. In the US, where several government websites had come under fire from hackers, security teams have successfully repelled the threat, a White House spokesman said.
“The preventative measures in place to deal with frequent attempts to disrupt whitehouse.gov’s service performed as planned," Nick Shapiro said yesterday, "keeping the site stable and available to the general public, although visitors from regions in Asia may have been affected.”
Meanwhile, security analysts set to work unpacking the exact nature of the campaign, which appeared to have been launched by a relatively unsophisticated team of hackers. The majority of the problems that plagued South Korean and US websites were caused by denial-of-service attacks, a tactic that floods a network with so many requests, that the network effectively shuts down.
"Experts who examined code used in the attack say it appears to have been delivered to machines through the MyDoom worm, a piece of malware first discovered in January 2004 and appearing in numerous variants since," Kim Zetter wrote yesterday on Wired's website. "The Mytob virus might have been used, as well."
The rudimentary nature of the cyber-attack has led many analysts to conclude the campaign may have been a glorified publicity stunt, created to grab headlines around the globe.
According to Joe Stewart, director of malware research at SecureWorks, “Usually you see a [denial-of-service] attack against one or two sites and it will be for one of two reasons — they have some beef with those sites or they’re trying to extort money from those sites," Stewart told Zetter. "To just attack a wide array of government sites like this, especially high-profile, just suggests that maybe the entire point is just to get attention."
Assigning blame
The White House has declined to speculate as to the identify of the attackers, and South Korea says it is cooperating with the US investigation. But today, many in the US continued to point the blame at North Korea or pro-Pyongyang forces. Some Republicans took the attacks as an opportunity to berate the Obama administration.
These comments are not screened before publication. Constructive debate about the above story is welcome, but personal attacks are not. Please do not post comments that are commercial in nature or that violate any copyright[s]. Comments that we regard as obscene, defamatory, or intended to incite violence will be removed. If you find a comment offensive, you may flag it.