



Sources believe massive denial of service cyberattacks against the U.S. government and South Korea were masterminded by North Korea.  (Source: ki4u.com)
Attack knocked out the Treasury Department, the Secret Service and other U.S. government agency sites

Experts had warned that the U.S. was poorly defended against and ill-prepared for a major cyber offensive.  It turns out they were right.

Attacks against U.S. government sites occurring on July 4 are just now being revealed to the public eye.  The attacks took down the Treasury Department, the Secret Service, Federal Trade Commission, and the Transportation Department websites over the weekend.  This week, outages have continued as the attackers show no signs of relenting.

South Korea has also been targeted.  The attacks on South Korea's government sites began on Tuesday.  The attacks affected South Korea's presidential Blue House and the Defense Ministry, and some banking sites, among others.

The U.S. government believes North Korean or pro-Pyongyang forces are responsible for the attacks.  Officials are refusing to discuss the attacks on the record, but numerous sources have confirmed the attacks are severe and ongoing.  Speaking to a group of South Korean lawmakers, South Korea's National Intelligence Service stated Wednesday that it believes that North Korea or North Korean sympathizers in the South "were behind" the attacks.

In the U.S., the Homeland Security Department's U.S. Computer Emergency Readiness Team is working with organizations to try to fight the attacks.  Spokeswoman Amy Kudwa states that it has "advised (the agencies) of steps to take to help mitigate against such attacks."

Using a denial of service approach -- killing websites by sending millions of requests to them, overloading the servers -- the attacks follow many previous ones.  The perpetrators of the attacks apparently used a computer virus, which infected many computers worldwide, to create a botnet.  This silent botnet was turned on over the weekend and began sending vast quantities of requests to the target sites.  The attacks have been much lengthier than a typical denial-of-service assault, much bolder, and more sophisticated.

The FTC site was down Sunday and Monday.  The Transportation Web site was "100 percent down" for two days, according to Ben Rushlo, director of Internet technologies at Keynote Systems, a company that monitors web outages.



Comments



actual damages?
By TSS on 7/8/2009 9:45:32 AM , Rating: 5
i'm wondering. besides the wages of people who have to clean up the mess, what's the actual damage of such an assault on the nation?

for instance if they hack bank accounts and siphon off money, then the damage is obviously the money lost + money spent on security patching the holes the breach used.

not trying to downplay the severeness here... i'm just wondering what for effect this had, other than inconvenience.

on a side note, lol @ getting the secret service's website down. if there was any agency i'd say that wouldn't happen to....




RE: actual damages?
By captainBOB on 7/8/09, Rating: -1
RE: actual damages?
By kextyn on 7/8/2009 9:59:15 AM , Rating: 4
The Pentagon is Department of Defense. The sites listed are not part of the DoD. How does this have anything to do with the Pentagon?


RE: actual damages?
By 85 on 7/8/2009 10:00:40 AM , Rating: 2
quote:
You could say this was a proof of concept, now it's definitely known that the pentagon isn't so secure from DDoS


yeah but I'm pretty sure that the system that got hit also didn't have classified stuff on it. I know this sounds ridiculous but who knows, maybe they knew about it and let it happen to gain support from the world against NK. world politics is very messy!


RE: actual damages?
By kattanna on 7/8/2009 10:11:05 AM , Rating: 4
quote:
world politics is very messy!


for all we know, it could have been US who did the attack to then show why we need to dump more money into the new cyber security center we are building


RE: actual damages?
By tmouse on 7/8/2009 3:16:10 PM , Rating: 1
Where does it even mention any DOD sites? It's just the "Hi, this is your government" public sites that are being brought down. While it can be made to look bad with shoddy reporting, so far all it means is little bobby might not get the information he needs for his civics homework (although he would probably just use Wikipedia anyways).


RE: actual damages?
By PitViper007 on 7/8/2009 9:52:21 AM , Rating: 2
I would say it depends on what the sites actually did. Were they portals for other things, say logging in to file reports for their agents, database lookups, etc? I don't know. However you want to look at it though, this is troubling indeed.


RE: actual damages?
By Donovan on 7/8/2009 12:29:40 PM , Rating: 2
The government does it the same way large companies do it: each agency will have an internal intranet behind a firewall and employees who are not in the office use a VPN tunnel to get in. The IRS, for example, calls their system ERAP (Enterprise Remote Access Program), and it is used by field agents who generally work from their home or from the taxpayer's office.

An attacker would have to settle for attacking the VPN gateways or just consuming the total bandwidth available to that agency. Both types of attacks can be mitigated with redundancy and upstream packet filtering.


RE: actual damages?
By 67STANG on 7/8/2009 3:18:07 PM , Rating: 2
LOL. I used ERAP when I was at a software company contracted to do some custom web apps/intranet stuff for the IRS. It was ridiculously open-- I could browse pretty much everything.

I did have some fun when exploring and found that someone had Kenny G in their CD-ROM. I kept ejecting the CD about every 30 seconds. Good fun.


RE: actual damages?
By bhieb on 7/8/2009 10:22:38 AM , Rating: 4
Agreed, just because someone takes down a public web site does not really mean they can get to anything of importance.

The classified National Security systems are usually closed loop networks with no lines to the internet. Most of the time when there is a breach in the news about a classified doc it was because it was put on a laptop or some other box outside of that loop. AKA human error. These types of things need to be fixed sure, but just because someone can DoS a public site does not mean they will be downloading plans for the next super bomber.

Personally I think if MS's new AV is at least decent, it will make this much harder since having a few million Bots will not be as easy.


Copyright 2014 DailyTech LLC.