Thursday, July 9, 2009

Fingerpointing in US-Korea Hacking Episode

Beginning on July 4th, and continuing until as recently as today, government and some other websites in both ROK and the US have been crippled by a distributed denial of service attack.

For the most part, my personal cyber-life was unaffected, except that was periodically unavailable--not that I go there that much anymore, since they fired Dan Froomkin at he beginning of the month, one of the few journalists left who pounds the accountability beat, for the media as well as for politicians and government. (Good news, he'll be starting at the Huff Post sometime soon.)

What's interesting is the way the virus seemed to succeed in an unexpected way by sending erstwhile allies into a bout of fingerpointing and friction. The attack was largely built from the MyDoom virus, first exposed in 2004, so presumably the cadre of infectable machines was low (some 50,000 to 65,000 machines were infected), and seem to be located mainly in China, Korea and Japan.

According to an article at
“The fact that it’s using older threats isn’t a terribly stealthy attack,” says Dean Turner, director of Symantec’s Global Intelligence Network. “And the fact that it’s re-using code could indicate that somebody put it together in a hurry or that, as with most DDoS attacks, their purpose is mostly nuisance. It didn’t require a degree in rocket science to pull that stuff together.”...
Denial-of-service attacks are one of the least sophisticated kinds of attacks a hacker can launch and have been around for nearly as long as e-commerce.

Conversely, over at Korea Herald, we get this:
Hong Min-pyo, CEO of a local security software firm Shiftworks yesterday raised the possibility of the "Distributed Denial of Service" virus originating from a locale in the United States, which also was hit by an attack that started as early as July 4.
Hong cited analyses conducted on the virus, saying the masterminds appeared to be "tech-savvy."

Yonhap News reported that Korea Information Security Agency along with the spy agency initially blamed the attack on North Korea or its sympathizers, pointing out that despite Pyongyang's decripit infrastructure, it has been training hackers for years now.

Korea's opposition Democratic Party then suggested the claim was political, motivated by a desire to pass a counter-terrorism bill. Korean politics is famously rough-and-tumble, but I think it's rare that they let it thwart counterterrorism and national security efforts--the party out of power is usually critical of the way the other party kowtows to the US military, but when they are in power, they do some pretty fine kowtowing themselves.

Anyway, fear not, Dear Readers, my computer was unaffected by the virus, and my blog is hosted by good ol' Google, who knows a thing or two about DOS. So you can be assured of uninterrupted grazing, or harvesting, or cultivating, or whatever-it-is-you-do here in the Seoul Patch. Whatever it is you do.

No comments: