backtop


Print 35 comment(s) - last by redbone75.. on Jul 13 at 8:25 AM

South Korean, U.S. networks still being targeted days after massive attacks

Days after systematic cyber attacks against government and financial institutions crippled computer networks in South Korea and the United States, additional cyber attacks have hit both nations.

Unlike the first wave of attacks earlier in the week, the U.S. State Department said its networks are still being targeted, but with lower volumes of attacks.  South Korean officials said some of its government networks are still being targeted, but also have noticed a dramatic decline in the attacks following July 4.

The botnet had at least 100,000 hijacked computers in South Korea, Japan, China, the U.S. and other countries, which makes accurately tracing the source of the attacks extremely difficult.

"The anticipated attack did take place, but considerable countermeasures were taken and it did act as a defense to some degree," an Ahnlab security firm official told Reuters.  Ahnlab also pointed out that "tens of thousands" of affected computers could have problems booting up, although other experts have not been able to verify that number.

Several U.S. federal agencies will now monitor popular online hacker hideouts, while security experts attempt to locate any digital fingerprints left behind in computer code.  The group responsible appears to be rather unorganized and possibly inexperienced, causing experts to note how a larger, more organized group may be able to cause a higher level of cyber damage to targets.

Security experts are now trying to figure out who is behind the cyber attacks, though early reports indicate North Korea may be behind the attacks.  China and North Korea were both immediately suspected of the attacks, but Chinese officials denied the accusations, saying there was no reason for them to launch so many attacks against South Korea.

The country, unlike China and other regions in Eastern Europe, reportedly have not launched organized cyber attacks, but this could mark its entrance into cyber warfare.

Moving forward, security experts are concerned the cyber attacks could spread from major computer networks to individual PCs, with hackers possibly hijacking them, then turning them into zombies.  If this truly is a cyber war, it appears there is very little the U.S. and South Korea can do against the perpetrators -- assuming they're accurately identified in the first place -- leading to other attacks from the same group.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

!#!$#s
By Regs on 7/10/2009 8:40:54 AM , Rating: 2
Come out and fight like real men. You want to start a war?

When will cyber attacks ever be taken seriously when a country or organization commits it? What if one of these days we had a fire sale, something that could of been preemptively stopped, but we don't believe cyber crime justifies a preemptive measure except for boosting defenses?




RE: !#!$#s
By wrekd on 7/10/09, Rating: -1
RE: !#!$#s
By Regs on 7/10/2009 9:04:43 AM , Rating: 1
I didn't mean just bombs you dumb idiot. We could of done a lot more before 9/11 with just our thumbs up are arse though. This includes actually investigating and making arrests. Now what if a country did it? What's your solution? Wait until a few buildings burn down to the ground or your precious retirement fund disappears?


RE: !#!$#s
By wrekd on 7/10/2009 11:45:17 AM , Rating: 2
I'm not really sure what you mean. You tried to paint a picture that we are weaker for not preemptively stopping an imaginary fire sale. You talked about preemptive measures and asked them to come out and fight. But they are coming out to fight; it's just a different kind of soldier this time.

I was just trying to get at what you meant by preemptive measures. To me, and in today’s world, preemptive measures means someone’s privacy, property, and security could be marginalized for the greater good of some group. I don’t like preemptive postures and I’m sure I’m not alone.

If someone punches you in the face, then punch them back. But I don’t think we should provoke and attack, or simply just attack first, because we think one could be coming.


RE: !#!$#s
By MrBlastman on 7/10/2009 1:45:19 PM , Rating: 2
Who is this "we?" I'm not part of it.

Oh, I suppose by your not believing in pre-emptive measures that means you are all for removing our missile defense systems and are against installing more of them?

Hey, the world is a nice and friendly place, nobody would ever try to nuke or bomb us here in America. :-| Isn't this the same kind of thinking that was big and prominent during the Clinton era that lead to 9/11?

What a sack of poo. If anything, we should be hacking the Chinese/N. Koreans right back - hack them into the ground.

However, since you are speaking of the "internet community," I propose a simple solution: Take our best gamer and challenge their best gamer to a duel in Quake or Doom to decide the war. Winner takes all. Nobody fires a single shot or kills a single baby.

:(


RE: !#!$#s
By wrekd on 7/10/09, Rating: 0
RE: !#!$#s
By rcc on 7/10/2009 3:20:01 PM , Rating: 4
quote:
Well, "we" the internet community, do not collectively believe that preemptive measures are needed. Lay off the Fox News.


Perhaps your "we" the internet community was a bit optimistic? Because based on experience "we" never all agree on anything.


RE: !#!$#s
By wrekd on 7/10/2009 11:01:47 PM , Rating: 2
I give up, yall win!

Funny because I agree.


RE: !#!$#s
By FITCamaro on 7/10/2009 9:14:40 AM , Rating: 2
Well I'm glad you've been appointed to speak for the world as to what we all think.


RE: !#!$#s
By wrekd on 7/10/2009 11:21:21 AM , Rating: 1
That was the whole point of my statement and why I quoted "we".


RE: !#!$#s
By amanojaku on 7/10/2009 8:55:52 AM , Rating: 4
quote:
Come out and fight like real men.
Warfare isn't about proving who's more manly. It's about piling up the bodies faster than your enemy. Sometimes that's best accomplished without guns, clubs or rocks. First guns separated combatants, then artillery, then bombs, then germs. Now cyber crime pops up and it basically shuts everything down so we have to go back to guns, rocks and clubs. The more things change...


RE: !#!$#s
By bhieb on 7/10/2009 10:03:01 AM , Rating: 3
Wow guys use the foil for baking not hats. No doubt China is funding some of this behavior, but why do people see this particular attack as a threat? Come on these are DoS attacks on public sites, hardly capable of "shutting down" anything.

There is no real protection from a good DDoS. If you have a public site and a limited bandwidth (and everyone is limited to some degree), and someone has access to enough bots. They can effectively shut down the site. Just part of being on the public net. It is no different from me screwing with my friends back in 1992 on 14K dialup on AOL by pinging them till their connection dropped. Little fancier but the same concept.

Overloading the bandwidth of a public site is hardly professional hacking, and in no way is it capable of shutting down closed loop systems like the power grid. Hell most of the time Apple and MS do it to them selves each time they release a popular update, with not enough bandwidth to accommodate demand.


RE: !#!$#s
By HrilL on 7/10/2009 3:22:54 PM , Rating: 3
Its not really the limited bandwidth. Its actually the CPU in the server that can't handle the amount of request. In my ethical hacking class we attacked one machine from about ten others. This was done on a network with 100Mb/s of bandwidth and the most we consumed was 10Mb/s on the NIC of the machine under attack. The CPU usage went up to 100% can the machine pretty much just froze up but it was responding to some of the request and also we were hitting it with millions of half open connections which then have to timeout before they'll close. This form of attack can be protected against with a firewall that will close half open connections if they reach over a certain number.

Now you can also use massive amounts of bandwidth and just flood the host connection and this will make it so legit traffic can't get through either. This type of attack can't really be defended against because the only way would be to start blocking IPs or ranges of them and this won't stop connection from being overloaded because the packets won't be dropped until they hit the firewall.


"There is a single light of science, and to brighten it anywhere is to brighten it everywhere." -- Isaac Asimov














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki