S Korean websites come under attack
05 March 2011, 15:01
Seoul, South Korea - Unidentified attackers targeted more than two dozen South Korean government and private websites on Saturday, a day after two waves of similar attacks, but officials reported no serious damage.
A total of 29 websites were on hit Saturday in so-called "denial of service" attacks, in which large numbers of "zombie" computers try to connect to a site at the same time in an attempt to overwhelm the server, the Korea Communications Commission said.
Commission official Lee Sang-kug said the attacks were "so weak that no actual damage was detected so far." Lee said the commission would keep a close watch on the situation in coming days, but that the fallout was likely to remain limited because the government and computer security companies were well prepared.
Saturday's attacks on sites including South Korea's presidential office, the Foreign Ministry, the Defence Ministry, some financial institutions and US Forces Korea followed two rounds Friday in which damage was also limited.
Lee said that 40 websites were originally targeted on Friday, though only 29 came under actual attack. A total of 29 were targeted on Saturday, he said.
The National Police Agency said the attacks originated from 30 servers in 18 foreign countries or territories including the United States, Israel, Russia, Hong Kong, Taiwan, Thailand, Japan, India, Brazil and Iran.
"We may find more servers behind this attack as it is only the beginning of the investigation," said Jung Suk-hwa, head of the agency's Cyber Terror Response Center. "Generally, there is someone else who controls all of these servers and we are working to figure out who it is."
In 2009, some government websites in South Korea and the US were paralysed by a similar type of attack that South Korean officials believed was conducted by North Korea. But US officials have largely ruled out North Korea as the origin, according to cybersecurity experts.
South Korean media have previously reported that North Korea runs an internet warfare unit aimed at hacking into US and South Korean military networks to gather information and disrupt service.
Park Kun-woo, a spokesperson for South Korean computer security company AhnLab, said on Friday that China is also pointed to as a source of cyberattacks because a large amount of malware, or malicious software, originates from there.