Archive for Thursday, July 9, 2009

North Korea suspected in cyber attacks in U.S., South Korea

July 9, 2009


— North Korea, which has been firing missiles and spewing threats against the United States, has been identified by South Korea’s main spy agency as a suspect in the cyber attacks targeting government and other Web sites in the U.S. and South Korea.

North Korea is not known for its computing prowess, but experts said such attacks would be easy — and cheap — to mount by hiring outside help.

The attacks began paralyzing Web sites in the U.S. over the July 4 U.S. Independence Day holiday weekend and in South Korea on Tuesday and Wednesday. A South Korean computer security company said that another wave of cyber attacks was expected in South Korea later today.

South Korea’s National Intelligence Service told members of parliament’s intelligence committee Wednesday that Pyongyang or its sympathizers were believed to be behind the attacks, according to aides to two of the lawmakers. They spoke on condition of anonymity given the classified nature of the information.

The spy agency declined to confirm the information provided by the aides but said in a statement that the sophistication of the attacks suggested they were carried out at a higher level than just rogue or individual hackers.

The attacks were thoroughly prepared and appeared to have been committed by hackers “at the level of a certain organization or state,” the statement said. It did not mention North Korea by name.

U.S. authorities also eyed North Korea as the origin of the trouble, though they warned it would be difficult definitely to identify the attackers quickly.

Three officials said that while Internet addresses have been traced to North Korea, that does not necessarily mean the attack involved Kim Jong Il’s government in Pyongyang. They spoke on condition of anonymity because they were not authorized to speak publicly on the matter.

Seoul-based antivirus software developer AhnLab said it has analyzed a virus program that sent floods of Internet traffic to paralyze Web sites in the two countries. It found that sites in South Korea would be targeted in a new wave of attacks from 6 p.m. today, spokeswoman Hwang Mi-kyung said.

Seven Web sites are likely to be targeted, including those of the Ministry of Public Administration and Security, Kookmin Bank and the mass-circulation Chosun Ilbo newspaper, she said.

There does not appear to be any evidence that North Korea has ever made overt cyber threats. South Korean media reported in May that the North was running a cyber warfare unit that tries to hack into U.S. and South Korean military networks to gather confidential information and disrupt service.


Use the comment form below to begin a discussion about this content.

Commenting has been disabled for this item.