Repeat of SKorea, US cyberattacks does no damage

Jul 08, 2010 By KWANG-TAE KIM , Associated Press Writer

(AP) -- Hundreds of computers that caused a wave of outages on U.S. and South Korean government websites last July launched new attacks on the same sites, but no major damage was reported, police said Thursday.

More than 460 computers infected with malicious computer codes assaulted 25 websites, including that of South Korea's presidential Blue House, on Wednesday as they are programmed to attack every July 7, said Jeong Seok-hwa, a police officer handling investigations on the cyberattacks.

"But the attacks were so weak that there were no problems in accessing the sites," he said.

An analysis of an infected computer in Seoul showed that it was programmed to attack every July 7 and the malicious computer codes used were identical to those mobilized last year, said Hyun Jae-sub, another police official.

Hyun said the attacks are traced to computers which were not vaccinated after the last year's attacks. He said about 270,000 infected computers were involved in last year's assaults.

The codes, called malware, are used in triggering so-called denial of service attacks, in which large numbers of computers try to connect to a site at the same time to overwhelm the server.

Vaccine programs can repair the infected computers and prevent denial of service attacks, according to AhnLab, a top South Korean company.

AhnLab said it provided free vaccine programs to computer users following last year's attacks as part of efforts to prevent their recurrence.

Jeong said some 430 infected computers are in South Korea and others are traced to the U.S., Britain, China and Japan. Hyun said the addresses - the Web equivalent of a street address or phone number - showed attacks are traced to computers in South Korea but the authorities have not yet located all the infected computers in the country. He added that those who own the computers would not even know whether their computers were infected with malware.

Police cautioned that there could be other attacks on Thursday and Friday.

The latest attack came a month after two South Korean government websites were struck with that officials said was traced to China.

Last July, government websites in and the U.S. were paralyzed by cyberattacks.

South Korean officials believed those attacks were conducted by North Korea, but U.S. officials have largely ruled out North Korea as the origin, according to cybersecurity experts.

Experts say there is no conclusive evidence that North Korea, or any other nation, orchestrated it.

South Korean media have reported that North Korea runs an Internet warfare unit aimed at hacking into U.S. and South Korean military networks to gather information and disrupt service.

Explore further: Japan court orders Facebook to reveal revenge porn IP addresses

not rated yet
add to favorites email to friend print save as pdf

Related Stories

Reports: Cyberattacks traced to NKorea

Oct 30, 2009

(AP) -- The North Korean government was the source of high-profile cyberattacks in July that caused Web outages in South Korea and the United States, news reports said Friday.

SKorean police: Hackers extracted data in attacks

Jul 14, 2009

(AP) -- Hackers extracted lists of files from computers that they contaminated with the virus that triggered cyberattacks last week in the United States and South Korea, police in Seoul said Tuesday.

SKorea says attackers use IP address in 16 nations

Jul 10, 2009

(AP) -- Cyber attacks that caused a wave of Web site outages in the U.S. and South Korea used 86 IP addresses in 16 countries, South Korea's spy agency told lawmakers Friday, amid suspicions North Korea was ...

US largely ruling out NKorea in 2009 cyberattacks

Jul 03, 2010

(AP) -- U.S. officials have largely ruled out North Korea as the origin of a computer attack last July that took down U.S. and South Korean government websites, according to cybersecurity experts.

Recommended for you

Kickstarter suspends privacy router campaign

Oct 20, 2014

Kickstarter has suspended an anonymizing router from its crowdfunding site. By Sunday, the page for "anonabox: A Tor hardware router" carried an extra word "(Suspended)" in parentheses with a banner below ...

User comments : 0