American, South Korean Sites Hit With Massive Cyberattack

By July 08, 2009

North Korea is rumored to be behind a series of cyberattacks on U.S. and South Korean government Web infrastructure this week. These agencies were flooded with denial of service attacks, which overwhelm sites with massive traffic with the aim of knocking them out. The White House, Homeland Security, Treasury, Federal Aviation Administration, the Federal Trade Commission and the NYSE were among sites hit by the attack. The Washington Post was also attacked. In all, 13 South Korean and 26 U.S. sites were estimated to have been hit. South Korea started feeling the attacks last weekend, and the U.S. first experienced them this weekend.

The attack successfully shut down most of the South Korea sites it targeted, including the presidential Web site, the National Assembly and National Defense ministries.

The U.S. sites fared slightly better. The FAA, Treasury and Department of Transportation’s sites experienced outages, The Register reports.

South Korean officials say that North Korea, whose July 4th missile launch was called “provocative” by the U.S. State Department, is responsible for the attacks.

South Korea also believes that North Korean sympathizers in South Korea are possibly behind the attacks, but ComputerWorld’s Gregg Keizer reports that noted botnet expert Joe Stewart concludes that it was perpetrated by an intermediate programmer, not a state.

"This looks like an attack designed to draw attention to itself, rather than to actually try to take these sites offline," Stewart said.

“A state would try to be sneakier than this,” Stewart said.

ComputerWorld also reports that the attack code was an updated version of the MyDoom virus, one of the fastest-spreading in history, first discovered in 2004.

Legal mentions © L’Atelier BNP Paribas