NK suspect for US and South Korea Cyber Attack
The powerful attack that overwhelmed computers at U.S. and South Korean government agencies for days was even broader than realized, also targeting the White House, the Pentagon and the New York Stock Exchange. An early analysis of the malicious software used in the attack found its targets also included the National Security Agency, Homeland Security Department, State Department, the Nasdaq stock market andThe Washington Post. Many of the organizations appeared to successfully blunt the sustained attacks. The Associated Press obtained the target list from security experts analyzing the attack. It was not immediately clear who might be responsible or what their motives were. The attack was remarkably successful. The widespread attack knocked out the Web sites of the Treasury Department, the Secret Service and other U.S. government agencies, according to officials inside and outside the government. Sites in South Korea were also affected, and South Korean intelligence officials believe the attack was carried out by North Korean or pro-Pyongyang forces. The U.S. government Web sites, which also included those of the Federal Trade Commission and the Transportation Department, were all down at varying points over the holiday weekend and into this week. South Korean Internet sites began experiencing problems Tuesday. U.S. officials refused to publicly discuss details of the cyber attack. But South Korea's National Intelligence Service, the nation's main spy agency, told a group of South Korean lawmakers Wednesday that it believes that North Korea or North Korean sympathizers in the South "were behind" the attacks, according to an aide to one of the lawmakers briefed on the information. The aide spoke on condition of anonymity, citing the sensitivity of the information. The National Intelligence Service — South Korea's main spy agency — said it couldn't immediately confirm the report, but it said it was cooperating with American authorities. Amy Kudwa, spokeswoman for the Homeland Security Department, said the agency's U.S. Computer Emergency Readiness Team issued a notice to federal departments and other partner organizations about the problems and "advised them of steps to take to help mitigate against such attacks." Others familiar with the U.S. outage, which is called a denial of service attack, said the fact that the government Web sites were still being affected three days after it began signaled an unusually lengthy and sophisticated attack. Two government officials acknowledged that the Treasury and Secret Service sites were brought down, and said the agencies were working with their Internet service provider to resolve the problem. The officials spoke on condition of anonymity because they were not authorized to speak on the matter. Ben Rushlo, director of Internet technologies at Keynote Systems, said problems with the Transportation Department site began Saturday and continued until Monday, while the FTC site was down Sunday and Monday. Keynote Systems is a mobile and Web site monitoring company based in San Mateo, Calif. The company publishes data detailing outages on Web sites, including 40 government sites it watches. According to Rushlo, the Transportation Web site was "100 percent down" for two days, so that no Internet users could get through to it. The FTC site, meanwhile, started to come back online late Sunday, but even on Tuesday Internet users still were unable to get to the site 70 percent of the time. Web sites of major South Korean government agencies, including the presidential Blue House and the Defense Ministry, and some banking sites were paralyzed Tuesday. An initial investigation found that many personal computers were infected with a virus ordering them to visit major official Web sites in South Korea and the U.S. at the same time, Korea Information Security Agency official Shin Hwa-su said.
Some of the affected government Web sites were still reporting problems days after it started during the July 4 holiday.
Post a Comment