South Korean websites come under further attack
Saturday, March 5, 2011; 3:33 AM
SEOUL, South Korea -- Unidentified attackers targeted more than two dozen South Korean government and private websites Saturday, a day after two waves of similar attacks, but officials reported no serious damage.
A total of 29 websites were hit Saturday in so-called "denial of service" attacks, in which large numbers of "zombie" computers try to connect to a site at the same time in an attempt to overwhelm the server, the Korea Communications Commission said.
Commission official Lee Sang-kug said the attacks were "so weak that no actual damage was detected so far." Lee said the commission would keep a close watch on the situation in coming days, but that the fallout was likely to remain limited because the government and computer security companies were well prepared.
Saturday's attacks on sites including South Korea's presidential office, the Foreign Ministry, the Defense Ministry, some financial institutions and U.S. Forces Korea followed two rounds Friday in which damage was also limited.
Lee said that 40 websites were originally targeted Friday, though only 29 came under actual attack. A total of 29 were targeted Saturday, he said.
The National Police Agency said the attacks originated from 30 servers in 18 foreign countries or territories including the United States, Israel, Russia, Hong Kong, Taiwan, Thailand, Japan, India, Brazil and Iran.
"We may find more servers behind this attack as it is only the beginning of the investigation," said Jung Suk-hwa, head of the agency's Cyber Terror Response Center. "Generally, there is someone else who controls all of these servers and we are working to figure out who it is."
In 2009, some government websites in South Korea and the U.S. were paralyzed by a similar type of attack that South Korean officials believed was conducted by North Korea. But U.S. officials have largely ruled out North Korea as the origin, according to cybersecurity experts.
South Korean media have previously reported that North Korea runs an Internet warfare unit aimed at hacking into U.S. and South Korean military networks to gather information and disrupt service.
Park Kun-woo, a spokesman for South Korean computer security company AhnLab, said Friday that China is also pointed to as a source of cyberattacks because a large amount of malware, or malicious software, originates from there.