» This Story:Read +| Comments

South Korean Web Sites Are Hobbled in New Round of Attacks

Discussion Policy
Comments that include profanity or personal attacks or other inappropriate comments or material will be removed from the site. Additionally, entries that are unsigned or contain "signatures" by someone other than the actual author will be removed. Finally, we will take steps to block users who violate any of our posting standards, terms of use or privacy policies or any other policies governing this site. Please review the full rules governing commentaries and discussions. You are fully responsible for the content that you post.
Washington Post Foreign Service
Friday, July 10, 2009

TOKYO, July 9 -- South Korea was bombarded Thursday with a third wave of cyberattacks, which disrupted and in some cases halted access to government, banking and media Web sites.

This Story
View All Items in This Story
View Only Top Items in This Story

Intelligence officials in Seoul, meanwhile, presented no hard evidence to support earlier suspicions that North Korea may have been behind the disruptions that have hit Web sites in South Korea and the United States in recent days.

The timing of Thursday's attacks, which began in the early evening, had been predicted by the country's largest computer security company, Ahnlabs. It said hackers had planted "malicious codes" in thousands of personal and business computers, which contained instructions to bombard seven Web sites in South Korea at 6 p.m. local time.

When the attacks began, however, there were many more targets than predicted. About half a dozen government Web sites not on the company's list, including those of parliament, the Defense Ministry and the Foreign Ministry, slowed down or temporarily stopped working.

South Korea's main spy agency said that the "level of the attacks was highly organized and meticulously planned," indicating the work of "certain organizations or state."

The National Intelligence Service did not, however, single out North Korea by name as a suspect. Agency officials had told some members of the National Assembly yesterday that North Korea was the prime suspect, according to news reports in Seoul.

The intelligence agency had been expected to elaborate on that conclusion Thursday before the intelligence committee in the National Assembly. The committee did not convene, however, because the main opposition party vetoed the session, according to Park Ji-won, a member of the committee and a senior member of the opposition.

The attackers appeared to have backed off U.S.-based targets. Alex Lanstein, senior security researcher at FireEye, a Milpitas, Calif.-based computer security firm, said the attackers dropped the U.S. government and commercial Web sites from their hit list Tuesday afternoon, after those sites began working with large Internet service providers to filter and block the attack traffic.

Experts said the bug that caused the attacks, called MyDoom, is fairly unsophisticated. But they also noted that the bug was being frequently reprogrammed to target different sites.

"This wasn't a computer program thrown out into the wild," said Peder Jungck, founder and chief technology officer of CloudShield, a California cybersecurity firm. "Someone was actively monitoring its success and changing the targets based on the response. There's a human on the other side playing chess with us."

The MyDoom bug first surfaced in January 2004 and was originally programmed to force all infected personal computers to attack the Web sites of SCO Group, a software company in Lindon, Utah, and Microsoft. Microsoft still has a standing reward offer of $250,000 for information leading to the arrest and conviction of the bug's author.

Staff writers Brian Krebs and Ellen Nakashima in Washington contributed to this report.

» This Story:Read +| Comments

More Asia Coverage

Foreign Policy

Foreign Policy - China News

The latest on China from our partners at FP magazine.


Connect Online

Share and comment on Post world news on Facebook and Twitter.

North Korean Prison Camps

North Korean Prison Camps

Interactive map of five major prison camps in the country.

© 2009 The Washington Post Company