Rush of cyber attacks in South Korea abates

The websites in South Korea that have recently been crashing under a series of Denial of Service (DoS) cyber attacks seem to be operating regularly again, since last Thursday’s assault. As a result, South Korea’s National Intelligence Service lowered the cyber attack alert today.

Error messageSouth Korea was not the only country affected by a series of attacks in which websites experienced outages because cyber criminals engineered a situation in which tens of thousands of computers tried to connect to a single designated website at the same time. In the U.S., a notable increase in attacks of this nature began on July 4, 2009.

The high-volume attack is possible because the hackers create a virus that hijacks personal computers (unbeknownst to their owners) and has them simultaneously access the same website at the same time. This overwhelms the servers, and so the websites crash.

Recently, many South Korean and U.S. websites, including those of the White House and South Korea’s presidential Blue House, have been attacked in this way. Although South Korea believes that attacks are shrinking in number and so has lowered its alert, they are still keeping a careful watch on their cyber space, which they believe has been under the attack of North Korea.

South Korea’s spy agency believes that a military research wing in North Korea has orders to obliterate the South’s communication networks.

Zombie computers is a DOS attackIn addition to Denial-of-Service attacks that draw a lot of attention (it’s pretty easy to figure out that it’s going on, though not nearly as easy to identify the real perpetrators), South Korean media has reported in recent months that North Korea actually has an Internet warfare unit whose aim is to stealthily infiltrate South Korean and U.S. military networks for espionage and sabotage purposes. Apparently, the North employs between 500 and 1000 hackers.

South Korea is currently in the process of analyzing some of the computers that were infected with the malware allowing hackers to hijack and use the computers for their malicious intents. North Korea certainly seems to know its way around South Korea’s cyber infrastructure, seeing as it has allegedly stolen information from 1.65 million South Korean individuals since 2004.

In addition to analyzing computers and hard disks, the South has identified and blocked five IP addresses that are believed to have distributed the viruses that caused the recent wave of DoS attacks. The addresses were from Austria, Georgia, Germany, South Korea and the U.S., but this says nothing of the actual location/origin of the hackers behind the operation, as IP addresses can easily be masked.

Discuss this articleDiscuss this article


Print this pagePrint this page



Posted in: Spy News


Leave a Reply

Logged in as . Logout? Leave a Reply?

You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>