By Lim Chang-Won (AFP) – Jul 8, 2009
SEOUL (AFP) — South Korea's intelligence service believes North Korea or its sympathisers may have staged a major cyber attack that shut down US and South Korean websites, lawmakers were quoted saying Wednesday.
The attack late Tuesday hit a total of 25 US and South Korean sites -- some of them official -- with those in South Korea shut down for nearly four hours.
"This is not a simple attack by individuals. The attack appeared to have been elaborately prepared and staged by a certain organisation or state," Seoul's National Intelligence Service (NIS) said in a statement.
Yonhap news agency said the NIS, which has launched an investigation, told parliament's intelligence committee that the communist North or people sympathetic to the isolated state may have been to blame.
"The NIS has been telling committee members that North Korea or a pro-North Korean force might be behind the cyber terror," it quoted one legislator as saying.
The committee, which is briefed in private, was reportedly to receive an official report Thursday from the intelligence service. An NIS spokesman said he could not disclose what information was given to committee members.
In its statement the NIS said US authorities were cooperating to track down those responsible for hijacking 12,000 personal computers in South Korea and 8,000 abroad which were exploited as vehicles for the attacks.
"The sites hit yesterday included 14 US sites including government ones," a spokesman for the Korea Information Security Agency told AFP, refusing to confirm a Yonhap report that the White House website was among those targeted.
In Korea, the defence and foreign ministries, the ruling party, parliament and the US-South Korea combined forces military command were among the 11 entities affected.
South Korea is one of the world's most wired countries, with 95 percent of homes having broadband access, according to a recent US survey.
The regulatory Korea Communications Commission said hackers had caused an attack known as a distributed denial of service (DDoS) by planting viruses in thousands of computers.
"Malicious codes which cause DDoS attacks have infected more than 18,000 personal computers," commission official Hwang Chul-Jung told reporters.
Hackers continued to attack some sites Wednesday, he said, adding Internet service providers were distributing a programme to remove the virus.
DDoS attacks involve the sending of huge amounts of data that cause web servers to seize up.
The damage appeared limited.
The defence ministry said the attackers apparently focused on its external network and internal data and secret information remained intact.
Among the private Korean sites infiltrated were a newspaper and two major lenders, Shinhan Bank and Korea Exchange Bank, officials said.
Most sites attacked Tuesday had since returned to normal but some could still not be accessed Wednesday morning.
The Defence Security Command last month reported that the nation's military computer networks were under ever-growing cyber attack, with 95,000 cases reported daily on average.
The command said most were the same as those experienced by ordinary users, but 11 percent were sophisticated attempts to gather intelligence.
The military said last month it would launch a cyber warfare command centre by 2012 to fend off attacks on government and military IT networks from North Korea and other countries.
Experts have said North Korea and China run elite hacker units.
In 2004 hackers based in China used information-stealing viruses to break into the computer systems of Seoul government agencies.
Last year Prime Minister Han Seung-Soo warned against what he said were attempts by Chinese and North Korean computer hackers to obtain state secrets.
Copyright © 2013 AFP. All rights reserved. More »