US, S. Korean Government Web Sites Targeted in Cyber Attack

08 July 2009

computer keyboard

South Korea has issued security warnings after the disruption of major Internet sites by an apparent cyber attack. Several U.S. Web sites have also been affected. Reports are emerging in South Korean media that intelligence officials suspect North Korea may have had a hand in the disruption.

South Korea's Yonhap news agency quoted parliamentary intelligence committee lawmakers as saying North Korea may be behind the apparent cyber attack.  

Wednesday marks the 15th anniversary of the death of the North's revered first leader, Kim Il Sung. In past years, North Korea has used the occasion to show defiance or superiority toward the South.

South Korean authorities began to notice the Internet disruption Tuesday evening. By Wednesday, Korea Communication Commission official Lee Myung-su said the attack program had spread far and wide.

He says 18,000 personal computers have been infected by a malicious code.

At least 11 South Korean government sites have been either greatly slowed or made unavailable, including the sites for the presidential Blue House, the Defense Ministry, and the lawmaking National Assembly. Several major South Korean banks and the leading Internet portal, Naver, were also affected.

U.S. sites have also been affected, including the Treasury Department, Secret Service, and Federal Trade Commission. The Web site of Voice of America news has been unavailable in South Korea for two days.

Computer experts describe this kind of attack as a "distributed denial of service." A computer virus spreads from one personal computer to another, directing data traffic from those computers to the targeted Web sites.

Shin Hwa-su, of the Korea Information Security Agency in Seoul, says the increased traffic overloads the target sites.

He says it is like 16-lanes worth of vehicles onto a four-lane highway. The road gets completely jammed and there is no movement.

Shin explains that any ordinary computer can turn into what programmers call a "zombie PC," if it does not have the proper software to protect it from viral attacks.

Kim Jae-gyu, chief of South Korea's Police Cyber Terror Center says a special task force has been formed to investigate the attack.

He says police have seized one computer that was sending out the malicious software, and have confirmed the program has targeted a total of 25 Web sites.

So far, South Korean authorities say the attack has been more of an inconvenience than a genuine security threat. They say no sensitive data appears to have been extracted from the targeted sites.

South Korea is one of the most wired nations in the world. Major governmental agencies like the Ministry of Defense find themselves under attack by hackers thousands of times on any given day. Parliamentary hearings on this particular round of attacks are scheduled for Thursday.