In the past several days, it appears that at least 35 US- and South Korea-based websites were under attack by a botnet group of computers, causing the attacked domains to become very slow and unresponsive and even putting many out of commission for periods of time. Among the domains were many government websites of their respective countries. It’s unconfirmed as to where exactly the attack is being launched from, but South Korean officials believe it to be North Koran forces or those sympathetic to their cause.Beginning the fourth of July, also the United States’ Independence Day (coincidence? I think not), several government websites began to be attacked by a botnet of some 60,000 computers that were– you guessed it– running Microsoft Windows. The botnet’s goal was a denial of service attack: infected computers access the specified webpage over and over with the intention to block service to legitimate users. The botnet was still at large today attacking sites such as the Washington Post.
United States government website attacks are common, most of them being negligible nuisances more than anything. Throughout the weekend, though, all of the attacked US federal sites were down at varying times, some of them for two days. Among the affected websites were the Federal Trade Commission, the US Treasury, the Department of Transportation, the White House, and the Secret Service. Though I’m not entirely sure this source is completely legitimate or updated, there seems to be a list of targeted websites posted (originally in Korean).
While some officials think that North Korea may be behind the attacks, others say not to jump to conclusions too quickly:
In the dozens of instances that I worked over the past decade, I cannot recall a single instance in which someone intending to attack came from the source it appeared to have come from. Most attackers in cyberspace try to mask who they really are.
–Dale W. Meyerrose, former chief information officer of the Office of the Director of National Intelligence
The botnet, described by a researcher, was described as “amateurish” and that it was full of programming errors. However, the fact that websites are still suffering into the fifth day says something about the enormity and coordination of the attack. Other sources say that the list of targeted websites can be and has been altered– websites attacked on July 4th weren’t being attacked later and vice versa.
Who knew that while I was watching fireworks blow up over my city’s park, some shady characters somewhere on the globe were plotting my country’s digital demise? This only makes me want to download more updates to protect my computers running Windows… or use the ones running Linux more… and put the US flag as the desktop background.
I believe that the next big “terrorist attack” will be staged to appear as coming from the Internet, thus giving the go to censorship and monitoring of the net, as well as more “war on terror”.
Anyone that connects vital services to the Internet is doing an error today, that someday we will all pay for.
For less important websites a few hours of ddos is not such a big deal, and I don’t think a nation would attack another nation in that way.
If it this was really perpetuated by North Korea, then there is no need to be shocked.
http://www.kcckp.net/kcc_e/index.htm (Official North Korean computer science corporation)
North Korea has a pool of professional hackers and they can perpetuate an internet-based attack or espionage very secretively with relative success.
But here’s the interesting part: North Korean programmers have made a computer game AI, Korean-Japanese-English translation software, voice recognition software, medical task software, etc.
For someone who knows quite well about this, North Korea is not in a shape to conduct a full-fledge war in real life.
Edited 2009-07-08 21:34 UTC