Threat Center Security News Korean tension spills over the Net
Korean tension spills over the Net Print E-mail
Written by Rebecca Mints   
Sunday, 19 July 2009 19:14

In what is believed to be part of the tension involving North Korea and its aggressive war stance, a malicious software is now creating a widespread explosion over the Internet, seriously threatening websites of South Korean and United States government.

Robert Lemos of SecurityFocus has reported that a denial-of-service attack has created network traffic that has so far affected website belonging to the two governments.

The attack was carefully planned to start on the 4th of July and for two weeks have been shooting down around 26 Web sites, including some U.S. Commercial sites, according to Joe Stewart of SecureWorks. "In the latest file distributed on Tuesday, some of the U.S. Sites were taken out and the South Korean sites were added in," said Stewart.

The attack has been described by security experts as a work of an amateur, noting that "actual sophistication and power of the denial-of-service attacks were mediocre at best.

"Data collected in one case indicated an attack of 23 Mbps to 25 Mbps-not large by modern standards-while the bot software showed a lack of understanding of current packing techniques," said Stewart.

Other security researchers agree with Stewart. "This in my opinion is not a very sophisticated attack, and to me, that is disappointing because these sites should not be collapsing from these attacks," observed Michael Sutton, Zscaler vice president for Security Research.

The attack has been likened to year 2000 massive attack that triggered denial-of-service and shut down major e-commerce sites such as and, even Yahoo. This attack was done by a 15-year old Canadian who named himself MafiaBoy. He was arrested in 2006 and imprisoned for eight months.



WTW Threat Level