/ 9 July 2009

South Korea, US websites down after cyber-attack

Some South Korean and United States internet sites were down or slowed to a crawl for a third day on Thursday after attacks by a hacker that Seoul’s National Intelligence Service said may be linked to a cyber warfare unit in the North.

The impact of the attack was seen as largely symbolic and experts said it did not represent an actual security breach or damage to the online infrastructure of the world’s most wired country.

South Korean media, including Yonhap news agency, quoted Parliament members as saying after an intelligence briefing on Wednesday that the spy agency believed ”North Korea or pro-North elements” were behind the attacks.

But some analysts raised doubts the North was responsible, saying the implications of such state involvement were severe, and it may be the work of industrial spies or pranksters instead.

South Korea’s Communications Commission said in a statement that it had stepped up counter measures after Wednesday’s fresh wave of attacks, asking internet service providers to filter access by computers infected with malicious software.

South Korea’s Defence Ministry website was among those that remained down for a third day and access to some US government sites, including the State Department and Defence Department, from South Korea appeared to have been disabled.

An official with the Communications Commission said the impact could spread as more people go online through the day.

”We’ve had the first wave and the second wave, and now there may be a third one,” Park Chul-soon said on state-run KBS radio.

If the North was responsible, it would mark an escalation in tensions already high from Pyongyang’s nuclear test in May, a barrage of ballistic missiles in July and repeated taunts of long-time foes Seoul and Washington in its official media.

Severe implications
Mark Rasch of SecureITExperts, a former US Department of Justice official on cybercrimes, said the implications of a state-sponsored attack were severe.

”There’s no difference between dropping a logic bomb and dropping a TNT bomb in the law of war,” he said, but added that while North Korea could have been behind the manoeuvres, they did not appear to be coming from computers physically based there.

Last month the North warned of ”high-tech war” against the South for spreading what it said was false information about its involvement in cyber attacks.

”As universally recognised, the US is the kingpin of ‘cyber attack’ and ‘hacker intrusion’ on our planet,” its official KCNA news agency said on June 27.

”The DPRK is fully ready for any form of high-tech war,” it said, using the country’s official name, the Democratic People’s Republic of Korea.

An expert on the North at the Heritage Foundation, Bruce Klingner, said the North had in operation a military unit with up to 1 000 skilled computer hackers created 10 years ago.

”Pyongyang has an extensive and capable cyber-terrorism effort to provide asymmetric attack capabilities,” he said.

Internet security shares were up sharply on Thursday for a third day, led by AhnLab, which rose by nearly the junior Kosdaq market’s daily limit of 15%.

AhnLab, the country’s leading online security firm, is among those whose websites are still under attack. The site froze before fully loading while displaying a broken link to a ”DDoS attack warning.”

”Distributed denial of service” (DDoS) attacks are designed to disrupt rather than penetrate a system to obtain data.

Targeted websites are saturated with access requests generated by malicious software planted on personal computers, crippling or slowing server response to legitimate traffic. — Reuters