Report: July Cyberattacks in South Korea and the United States traced to North Korea
High-profile cyberattacks in July this year that caused Web outages in South Korea and the United States was traced to the North Korean government, a news report said Friday. The wave of cyberattacks were aimed at 27 American and South Korean government agencies and commercial Web sites temporarily jammed more than a third of them.
The IP address that triggered the Web attacks was traced back to North Korea’s Ministry of Post and Telecommunications, which leased the IP address from China.
The July attacks, in which floods of computers tried to connect to a single Web site at the same time to overwhelm the server, caused outages on prominent government-run sites in the U.S. and South Korea. Affected sites include those of the White House and the South’s presidential Blue House.
North Korea immediately was suspected of involvement in the attacks but there has been little concrete evidence.
South Korean media reported at the time that North Korea runs an Internet warfare unit that tries to hack into U.S. and South Korean military networks to gather confidential information and disrupt service, and that the regime has between 500 and 1,000 hacking specialists.
Computer experts say the Web attacks like those waged in July are not difficult to launch. The attacking software contained the text string “get/China/DNS,” with DNS referring to China’s Internet routing system. He said that it appeared that the data generated by the attacking program was based on a Korean-language browser. the attackers were generating about 23 megabits of data a second, not enough to cause major disruptions of the Internet at most of the sites that were being attacked.
Ties between the two Koreas frayed after South Korea’s President Lee Myung-bak took office last year pledging to get tough with nuclear-armed Pyongyang. However, inter-Korean ties have improved in recent months.