Print 26 comment(s) - last by HoundRogerson.. on Jul 12 at 9:24 PM

Sources believe massive denial of service cyberattacks against the U.S. government and South Korea were masterminded by North Korea.  (Source:
Attack knocked out the Treasury Department, the Secret Service and other U.S. government agency sites

Experts had warned that the U.S. was poorly defended against and ill-prepared for a major cyber offensive.  It turns out they were right.

Attacks against U.S. government sites occurring on July 4 are just now being revealed to the public eye.  The attacks took down the Treasury Department, the Secret Service, Federal Trade Commission, and the Transportation Department websites over the weekend.  This week, outages have continued as the attackers show no signs of relenting.

South Korea has also been targeted.  The attacks on South Korea's government sites began on Tuesday.  The attacks affected South Korea's presidential Blue House and the Defense Ministry, and some banking sites, among others.

The U.S. government believes North Korean or pro-Pyongyang forces are responsible for the attacks.  They are refusing to officially discuss the attacks, but numerous sources have confirmed the attacks are severe and ongoing.  Speaking to a group of South Korean lawmakers, South Korea's National Intelligence Service stated Wednesday that it believes that North Korea or North Korean sympathizer in the south "were behind" the attacks.

In the U.S., the Homeland Security Department's U.S. Computer Emergency Readiness Team is working with organizations to try to fight the attacks.  Spokeswoman Amy Kudwa states that it has "advised (the agencies) of steps to take to help mitigate against such attacks."

Using a denial of service approach -- killing websites by sending millions of requests to them, overloading the servers -- the attacks follow many previous ones.  The perpetrators of the attacks apparently used a computer virus, which infected many computers worldwide, to create a botnet.  This silent botnet was turned on over the weekend and began sending vast quantities of requests to the target sites.  The attacks have been much lengthier than a typical denial-of-service assault, much bolder, and more sophisticated.

The FTC site was down Sunday and Monday.  The Transportation Web site was "100 percent down" for two days, according to Ben Rushlo, director of Internet technologies at Keynote Systems a company that monitors web outages.

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

RE: actual damages?
By PitViper007 on 7/8/2009 9:52:21 AM , Rating: 2
I would say it depends on what the sites actually did. Were they portals for other things, say logging in to file reports for their agents, database lookups, etc? I don't know. However you want to look at it though, this is troubling indeed.

RE: actual damages?
By Donovan on 7/8/2009 12:29:40 PM , Rating: 2
The government does it the same way large companies do it: each agency will have an internal intranet behind a firewall and employees who are not in the office use a VPN tunnel to get in. The IRS, for example, calls their system ERAP (Enterprise Remote Access Program), and it is used by field agents who generally work from their home or from the taypayer's office.

An attacker would have to settle for attacking the VPN gateways or just consuming the total bandwidth available to that agency. Both types of attacks can be mitigated with redundancy and upstream packet filtering.

RE: actual damages?
By 67STANG on 7/8/2009 3:18:07 PM , Rating: 2
LOL. I used ERAP when I was at a software company contracted to do some custom web apps/intranet stuff for the IRS. It was ridiculously open-- I could browse pretty much everything.

I did have some fun when exploring and found that someone had Kenny G in their CD-ROM. I kept ejecting the CD about every 30 seconds. Good fun.

"This is from the It's a science website." -- Rush Limbaugh

Most Popular ArticlesAre you ready for this ? HyperDrive Aircraft
September 24, 2016, 9:29 AM
Leaked – Samsung S8 is a Dream and a Dream 2
September 25, 2016, 8:00 AM
Yahoo Hacked - Change Your Passwords and Security Info ASAP!
September 23, 2016, 5:45 AM
A is for Apples
September 23, 2016, 5:32 AM
Walmart may get "Robot Shopping Carts?"
September 17, 2016, 6:01 AM

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki