U.S. and South Korea hit by cyber attacks
While everyone was so busy commemorating the sudden death of pop superstar Michael Jackson, not much attention was given to the cyber attack that crippled websites of South Korea and the United States of America.
11 major Korean government agencies, banks, portals and private businesses including the Blue House and the Defense Ministry were attacked and left paralyzed for quite some time. The Korea Information Security Agency (KISA) reported that a coordinated cyber attack was launched on the Blue House, National Assembly, Foreign Ministry, Defense Ministry, the ruling Grand National Party, Nonghyup bank, Shinhan Bank, Korea Exchange Bank, the online shopping mall Auction, top Web portal Naver and the Chosun Ilbo newspaper.
In the United States, 14 U.S. government sites, including those of the White House, Treasury Department, Secret Service, Federal Trade Commission, Transportation Department and the New York Stock Exchange, were also knocked out by hackers over the same period of time.
A distributed denial of service (DDoS) was used to bring down the websites. DDoS is the flooding of Web sites with requests from a collection of compromised computers and making them inaccessible to the general public. KISA said that an estimated 25,000 personal computers were hijacked for the purpose, with some 23,000 of them located in Korea.
A portion of the attack is being carried out by a piece of malware identified as w32.dozer and variants of the MyDoom worm that appear to be infecting computers globally. The W32.dozer is a threat that is predominately distributed as an email attachment. Once a user clicks on the attachment, the threat downloads a package onto the system that contains the following:
– Trojan.dozer, which is used to take over the computer for the botnet
– A list of host sites, which instructs the botnet of which sites to attack
– MyDoom worm, which is currently believed to be used for its mass mailing capabilities to redistribute w32.dozer
Given the nature and time of the attack, South Korea’s spy agency said North Korea may be behind the attacks, while the U.S. government has said it is too soon to make such claims. I too would agree that it is too early to put a blame on anyone, especially North Korea.
A DDoS can be launched from anywhere. And computers could have been compromised for a period of time, and that could later be activated by the hackers. The attacks could be financially motivated, or could simply be messing around to gain popularity.
The incident is a wake up call for all of us computer users that the danger is real and the impact of such attacks could be disastrous to most of us since we are beginning to depend on technology to do our daily lives. Without technology, the world will come to a halt so to speak, especially to more advance countries like the U.S. and South Korea.
To guard against the DDoS, computer users should update their security software with the latest definitions, keep their computer systems clean and continue to use general best practices for staying safe online.
I have been saying all along, in this age and time, the one who has the information and knowledge controls the world. So be vigilant always. God Bless us all!