Samker's Computer Forum - SCforum.info

World TOP Headlines: => Latest Security News & Alerts => Topic started by: Samker on 05. March 2011., 16:01:11

Title: DDoS cyber attack on South Korea
Post by: Samker on 05. March 2011., 16:01:11

(http://3.bp.blogspot.com/_Bq5v8T4ediQ/Sl60lQ-5uAI/AAAAAAAAAGw/kmXtqWY1aVk/s320/wargamesscreens.jpg)

South Korean officials are reporting that over 40 high profile websites from 29 institutions have fallen victim to a DDoS cyber attack: http://www.deccanchronicle.com/international/40-s-korean-sites-hacked-521 (http://www.deccanchronicle.com/international/40-s-korean-sites-hacked-521)
This sites include the National Assembly, the Cheong Wa Dae, Government departments, various military areas, the Korea-based US Forces and a number of major banks. This is similar to a 2009 attack focused against the Government only: http://news.bbc.co.uk/1/hi/technology/8139821.stm (http://news.bbc.co.uk/1/hi/technology/8139821.stm)

It is thought the cyber 'terrorists' inserted malware code into a number of peer-to-peer websites used in Korea, this led to up to 11,000 computers becoming part of a so called botnet. The foray caused websites to become overloaded with data and crash servers using a distributed denial-of-service (DDoS) attack. Even stock trading was effected, for a few minutes, bringing one system completely down as well as the Financial Services Commission website.

According to the National Police Agency: http://english.yonhapnews.co.kr/national/2011/03/04/36/0301000000AEN20110304007200315F.HTML (http://english.yonhapnews.co.kr/national/2011/03/04/36/0301000000AEN20110304007200315F.HTML) , the South Korean Government has sent it's Cyber Investigation Unit to the two file sharing websites that are thought to have spread the malicious code. An official from the presidential office confirmed the attack quoting "There was a DDoS attack, but no damage was done".

This may increase tensions between the two Koreas after the 2009 attacks were blamed on the communist state, although this was never proved. AhnLab, the countries top IT company has released a free tool for users to remove any suspicious software. They also expected additional attacks to commence at 18:30 local time, there have been no reports to confirm this happened.

(NW)