Information Warfare: South Korea Upgrades It Defenses

Archives

November 25, 2010: South Korea has completed the installation of special hardware and software to protect government and military Internet sites from the massive attacks they have received in the last two years. These DDOS (distributed denial of service) attacks prevent users from accessing the attacked sites. These defensive preparations are expensive, and ISP (Internet Service Provider) companies have to be convinced, or compelled, to cooperate and install the needed equipment that can deflect these attacks.

Last July, there were several days of DDOS on government and military web sites in South Korea and the United States. This year, there were another series of similar attacks. Unlike the 2009 attacks, this year there was little damage or disruption. That's because the attacks last year were transmitted by 260,000 hijacked PCs. Most of those have since been identified and cleaned up. The hacker code was programmed to attack U.S. and South Korean web sites every year, between July 4th and 7th. But some PCs (under 500) did not have the hacker code removed, and, on schedule, went at it again, it was a much weaker attack.

Last year's attacks were initially believed to have been organized by North Korea. But no conclusive evidence could be found for this. The hijacked PC launched DDOS attacks. These are carried out by first using a computer virus (often delivered as an email attachment or via an infected web site), that installs a secret Trojan horse type program, that allows someone else to take over that computer remotely, and turn it into a "zombie" for spamming or DDOS (distributed denial of service) attacks to shut down another site. There are millions of zombie PCs out there, and these can be rented, either from spamming or launching DDOS attacks. Anyone with about $100,000 in cash, including North Korea, could have carried out the attacks last year that infected all those PCs with orders to make attacks on South Korean and U.S. government sites every July. You can equip a web site to resist, or even brush off, a DDOS attack, and some of those attacked were prepared. But others were not.

The 25 government web sites targeted for these attacks had their DDOS defenses strengthened. And the search continues for who was responsible. There are no obvious suspects, other than perhaps bored teenagers or someone with a grudge against the U.S. and South Korean governments. A lot of hacker attacks on government computer networks appear to be aimless, and seemingly for thrills, not espionage or making a political statement.

 

 

X

ad

Help Keep Us From Drying Up

We need your help! Our subscription base has slowly been dwindling.

Each month we count on your contributions. You can support us in the following ways:

  1. Make sure you spread the word about us. Two ways to do that are to like us on Facebook and follow us on Twitter.
  2. Subscribe to our daily newsletter. We’ll send the news to your email box, and you don’t have to come to the site unless you want to read columns or see photos.
  3. You can contribute to the health of StrategyPage.
Subscribe   Contribute   Close