

Sources believe massive denial of service cyberattacks against the U.S. government and South Korea were masterminded by North Korea.  (Source: ki4u.com)
Attack knocked out the Treasury Department, the Secret Service and other U.S. government agency sites

Experts had warned that the U.S. was poorly defended against and ill-prepared for a major cyber offensive.  It turns out they were right.

Attacks against U.S. government sites occurring on July 4 are just now being revealed to the public eye.  The attacks took down the Treasury Department, the Secret Service, Federal Trade Commission, and the Transportation Department websites over the weekend.  This week, outages have continued as the attackers show no signs of relenting.

South Korea has also been targeted.  The attacks on South Korea's government sites began on Tuesday.  The attacks affected South Korea's presidential Blue House and the Defense Ministry, and some banking sites, among others.

The U.S. government believes North Korean or pro-Pyongyang forces are responsible for the attacks.  Officials are refusing to discuss the attacks on the record, but numerous sources have confirmed the attacks are severe and ongoing.  Speaking to a group of South Korean lawmakers, South Korea's National Intelligence Service stated Wednesday that it believes that North Korea or North Korean sympathizers in the South "were behind" the attacks.

In the U.S., the Homeland Security Department's U.S. Computer Emergency Readiness Team is working with organizations to try to fight the attacks.  Spokeswoman Amy Kudwa states that it has "advised (the agencies) of steps to take to help mitigate against such attacks."

Using a denial of service approach -- killing websites by sending millions of requests to them, overloading the servers -- the attacks follow many previous ones.  The perpetrators of the attacks apparently used a computer virus, which infected many computers worldwide, to create a botnet.  This silent botnet was turned on over the weekend and began sending vast quantities of requests to the target sites.  The attacks have been much lengthier than a typical denial-of-service assault, much bolder, and more sophisticated.

The FTC site was down Sunday and Monday.  The Transportation Web site was "100 percent down" for two days, according to Ben Rushlo, director of Internet technologies at Keynote Systems, a company that monitors web outages.






actual damages?
By TSS on 7/8/2009 9:45:32 AM , Rating: 5
i'm wondering. besides the wages of people who have to clean up the mess, what's the actual damage of such an assault on the nation?

for instance if they hack bank accounts and siphon off money, then the damage is obviously the money lost + money spent on security patching the holes the breach used.

not trying to downplay the severeness here... i'm just wondering what effect this had, other than inconvenience.

on a side note, lol @ getting the secret service's website down. if there was any agency i'd say that wouldn't happen to....




RE: actual damages?
By captainBOB on 7/8/09, Rating: -1
RE: actual damages?
By kextyn on 7/8/2009 9:59:15 AM , Rating: 4
The Pentagon is Department of Defense. The sites listed are not part of the DoD. How does this have anything to do with the Pentagon?


RE: actual damages?
By 85 on 7/8/2009 10:00:40 AM , Rating: 2
quote:
You could say this was a proof of concept, now its definitely known that the pentagon isn't so secure from DDoS


yeah but im pretty sure that the system that got hit also didn't have classified stuff on it. I know this sounds ridiculous but who knows, maybe they knew about it and let it happen to gain support from the world against NK. world politics is very messy!


RE: actual damages?
By kattanna on 7/8/2009 10:11:05 AM , Rating: 4
quote:
world politics is very messy!


for all we know, it could have been US who did the attack to then show why we need to dump more money into the new cyber security center we are building


RE: actual damages?
By tmouse on 7/8/2009 3:16:10 PM , Rating: 1
Where does it even mention any DOD sites? It's just the "Hi , this is your government" public sites that are being brought down. While it can be made to look bad with shoddy reporting, so far all it means is little bobby might not get the information he needs for his civics homework (although he would probably just use Wikipedia anyways).


RE: actual damages?
By PitViper007 on 7/8/2009 9:52:21 AM , Rating: 2
I would say it depends on what the sites actually did. Were they portals for other things, say logging in to file reports for their agents, database lookups, etc? I don't know. However you want to look at it though, this is troubling indeed.


RE: actual damages?
By Donovan on 7/8/2009 12:29:40 PM , Rating: 2
The government does it the same way large companies do it: each agency will have an internal intranet behind a firewall and employees who are not in the office use a VPN tunnel to get in. The IRS, for example, calls their system ERAP (Enterprise Remote Access Program), and it is used by field agents who generally work from their home or from the taxpayer's office.

An attacker would have to settle for attacking the VPN gateways or just consuming the total bandwidth available to that agency. Both types of attacks can be mitigated with redundancy and upstream packet filtering.


RE: actual damages?
By 67STANG on 7/8/2009 3:18:07 PM , Rating: 2
LOL. I used ERAP when I was at a software company contracted to do some custom web apps/intranet stuff for the IRS. It was ridiculously open-- I could browse pretty much everything.

I did have some fun when exploring and found that someone had Kenny G in their CD-ROM. I kept ejecting the CD about every 30 seconds. Good fun.


RE: actual damages?
By bhieb on 7/8/2009 10:22:38 AM , Rating: 4
Agreed, just because someone takes down a public web site does not really mean they can get to anything of importance.

The classified National Security systems are usually closed loop networks with no lines to the internet. Most of the time when there is a breach in the news about a classified doc it was because it was put on a laptop or some other box outside of that loop. AKA human error. These types of things need to be fixed sure, but just because someone can DoS a public site does not mean they will be downloading plans for the next super bomber.

Personally I think if MS's new AV is at least decent, it will make this much harder since having a few million Bots will not be as easy.


North Korea?
By Danger D on 7/8/2009 9:56:40 AM , Rating: 5
Whoa. Who gave North Korea a computer?




RE: North Korea?
By acase on 7/8/2009 10:04:53 AM , Rating: 2
They have to have them for when they are ronery.


RE: North Korea?
By blueeyesm on 7/8/2009 10:15:30 AM , Rating: 2
Who do you think would??

Certainly not (most of) the UN's Security Council...

At any rate, when the 600 families that are closest with Kim Jong il have most of the money, wealth and riches there, I'm sure they have no problem getting a Dell or two.


RE: North Korea?
By SublimeSimplicity on 7/8/2009 10:19:03 AM , Rating: 5
Computer? You obviously don't know Kim Jong Il. The guy can control the weather and on an off day shoots a 19 in golf.

He simply put a CAT5 cable in his mouth and did the hacking R2D2 style.


RE: North Korea?
By TheFace on 7/8/2009 1:14:27 PM , Rating: 2
He can shoot a 19 on a 36 hole round. THATS how good he is. Or so I've been told by the north koreans...


Too much of a good thing turns bad?
By DOOA on 7/8/2009 3:20:10 PM , Rating: 2
I find it interesting no comments are made on the root pathway of these attacks. Have we become complacent about and accepting of remote administration? Perhaps we need to think about security and stop the script/autorun/remoteadmin/activedirectory support that some operating systems have.

Where I work we are coming up on a decade of no viruses, software that outlives hardware in stability, and little administration after initial setup. We run QNX here. Granted, we run very limited applications, but after all, we run a business and don't need much. Spreadsheets, databases, word processing, web browsing and a few custom applications are all we need. Our workers are expected to leave the general web surfing and games at home.




RE: Too much of a good thing turns bad?
By tmouse on 7/8/2009 3:49:48 PM , Rating: 3
Most bots are personal computers, the next is universities where people HAVE to keep getting bigger and bigger computers, even if they just use them to hold their 10 Gb outlook mail boxes. A lot of processing power + large net connections + huge drives + no security and old AV protection = disaster. So your point is totally moot.


RE: Too much of a good thing turns bad?
By KidneyBean on 7/8/2009 4:02:47 PM , Rating: 2
We need an economic stimulus package for our computer security. Free upgrades to Windows 7 and McAfee Internet Security for everyone! Hey they're Made in America!

Don't bother to read the rest of this bill.

Accepting this stimulus package means that Federal agents can access your computer at any time. You can not tell anyone your computer was accessed, even in a court of law.


By HoundRogerson on 7/12/2009 9:24:48 PM , Rating: 2
The Windows 7 beta is free, and will work until august i think. furthermore, mcafee sucks ass, so does norton for that matter (both of them did nothing but crash my old computer). AVG, and Avast haven't caused me any problems so far, so they might work well for you.


What am I missing?
By edge929 on 7/8/2009 12:43:11 PM , Rating: 2
I work for one of America's largest banks (calm down, we gave back our money already) and I admit my networking experience is limited to only corporate America but what is the problem here? It's 2009 and denial-of-service attacks aren't exactly new. Even my home router has a "ban this IP if it connects 10 times in 30 seconds" rule. Problem solved.

Repeated connection attempts are easily thwarted and it's not necessary to bring down most servers just to flush the memory cache. Granted our servers are rather nice, but not from the future and I would hope that our government has equal or better hardware.

In the end, I blame end users. Not getting viruses is the first step to disrupting DoS attacks.




RE: What am I missing?
By xtknight on 7/8/2009 12:54:51 PM , Rating: 2
I think what you're missing is that packets can be generated with random source IPs and delivered to the same destination ("raw sockets").

So, blocking one source IP won't work. The only way to really prevent this, that I know of, is egress filtering wherein the ISP of the packet in question prevents its transmission by verifying that its source IP is not part of that ISP's network.

You could also model the packets with some sort of Bayesian spam algorithm and block the certain requests somehow. But most of them are probably just generic "GET /" requests anyway, the blocking of which would hamper normal, harmless end users' access as well.


RE: What am I missing?
By xtknight on 7/8/2009 1:02:01 PM , Rating: 2
I guess in actuality I don't even know how the handshaking process would go through with a spoofed source IP so maybe this is only useful for UDP.
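
The two defences discussed in this thread, as an added example that is not part of any comment or of the original article: a per-source rule like the "10 times in 30 seconds" ban, evaluated on constructed traffic from one address and from many, plus the source-address check an egress filter applies. All names, addresses and prefixes below are constructed for illustration.

```python
import ipaddress
from collections import defaultdict, deque

class PerSourceLimiter:
    """Ban a source once it opens `limit` connections within `window` seconds."""
    def __init__(self, limit=10, window=30.0):
        self.limit, self.window = limit, window
        self.seen = defaultdict(deque)   # source IP -> recent connection times
        self.banned = set()

    def allow(self, src, now):
        if src in self.banned:
            return False
        times = self.seen[src]
        times.append(now)
        # Drop connection times that have fallen out of the window.
        while times and now - times[0] >= self.window:
            times.popleft()
        if len(times) >= self.limit:
            self.banned.add(src)
            return False
        return True

def passed(limiter, events):
    """Count connections the limiter lets through; events are (time, src)."""
    return sum(limiter.allow(src, t) for t, src in events)

def egress_permits(src, customer_prefixes):
    """Egress filter at the sending ISP: forward only packets whose source
    address belongs to a prefix that ISP actually serves."""
    addr = ipaddress.ip_address(src)
    return any(addr in ipaddress.ip_network(p) for p in customer_prefixes)

# Constructed traffic: 300 connections over 30 seconds in both cases.
single_source = [(i * 0.1, "198.51.100.7") for i in range(300)]
many_sources = [(i * 0.1, f"203.0.113.{i % 150 + 1}") for i in range(300)]

# Constructed prefix list for a hypothetical ISP.
ISP_PREFIXES = ["192.0.2.0/24"]

if __name__ == "__main__":
    print("single source passed:", passed(PerSourceLimiter(), single_source))
    print("150 sources passed:  ", passed(PerSourceLimiter(), many_sources))
    print("genuine source leaves ISP:", egress_permits("192.0.2.44", ISP_PREFIXES))
    print("spoofed source leaves ISP:", egress_permits("198.51.100.7", ISP_PREFIXES))
```

The same request volume is cut to a handful of connections when it comes from one address and passes untouched when spread over 150 addresses, which is why the per-source rule does little against a botnet; the egress check only helps when it is applied at the network the packets leave from.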


RE: What am I missing?
By bohhad on 7/8/2009 11:27:28 PM , Rating: 2
no, don't calm down because they already gave the money back. the gov't was supposed to get shares, it was supposed to bring in a profit, but the banks didn't want to do that. they used the american taxpayer as an ATM.

sorry, it's way off topic, but americans are seeing this bank crap all wrong


The internet expert
By nafhan on 7/8/2009 10:24:05 AM , Rating: 5
My opinion is that Kim Jong Il caused this outage all by himself. Who needs teams of hackers when you are an "Internet expert".

On top of that:
quote:
North Korean state media reports that Kim routinely shoots three or four holes-in-one per round. His official biography also claims Kim has composed six operas and enjoys staging elaborate musicals.

And that hair! What an incredible guy; he just excels at whatever he does. Long live the "Dear Leader"...




RE: The internet expert
By tmouse on 7/8/2009 3:42:47 PM , Rating: 2
I've heard he can even hit a 1 iron.


Ted Stevens says...
By wuZheng on 7/8/2009 10:19:10 AM , Rating: 3
North Korea is clogging the tubes!!!

ENORMOUS AMOUNTS OF MATERIAL. ENORMOUS AMOUNTS OF MATERIAL.

















Copyright 2016 DailyTech LLC.