By South Korean intelligence officials thinks so:
South Korean intelligence officials believe North Korea or pro-Pyongyang forces committed cyber attacks that paralyzed major South Korean and U.S. government Web sites, aides to two lawmakers said Wednesday.
The sites of 11 South Korean organizations, including the presidential Blue House and the Defense Ministry, went down or had access problems since late Tuesday, according to the state-run Korea Information Security Agency. Agency spokeswoman Ahn Jeong-eun said 11 U.S. sites suffered similar problems. She said the agency is investigating the case with police and prosecutors.
In the U.S., the Treasury Department, Secret Service, Federal Trade Commission and Transportation Department Web sites were all down at varying points over the July 4 holiday weekend and into this week, according to American officials inside and outside the government.
Others familiar with the U.S. outage, which is called a denial of service attack, said that the fact that the government Web sites were still being affected three days after it began signaled an unusually lengthy and sophisticated attack. The officials spoke on condition of anonymity because they were not authorized to speak on the matter. [Associated Press]
What is interesting about this is that this guy predicted these cyber attacks by North Korea in response to the UN sanctions imposed on them. Notice that the attacks came after the US was able to get Malaysia to impose financial sanctions on North Korean accounts, which may or may not have been related to the turning around of the Kang Nam I and it returning to North Korea. At any rate the attacks did come after the Kang Nam I was able to return to North Korean waters.
Reports of North Korea setting up a cyber warfare school actually goes all the way back to 1998, but was never taken seriously until Rebecca MacKinnon wrote about this school in Foreign Policy magazine back in 2005. Since then the North Koreans have established a cyber warfare division known as Unit 121. They have about 12,000 people in this unit with a sizable annual budget of about $56 million dollars. North Korea is currently ranked 8th on the cyber capabilities threat matrix that was last updated in February 2009.
When news first came out about North Korea’s cyber warfare unit four years ago I actually speculated that it would be easier for the North Koreans to use members of their fifth column in South Korea to launch attacks and I would not be surprised if that is was the North Koreans did with these recent attacks in order to give themselves plausible deniability.
9:08 am on July 8th, 2009 1
[...] See original here: Was North Korea Behind Cyber Attacks In the US & South Korea? [...]
12:29 pm on July 8th, 2009 2
I wonder if One Free Korea’s site was hit? I can’t currently access it…
Reply
1:54 pm on July 8th, 2009 3
Apparently, the US Treasury Department has defensively blocked access from any Korean domain. If you are on a Korean ISP and try http://www.irs.gov, you get
Reply
3:20 pm on July 8th, 2009 4
I haven’t been able to access the USFK website in a few days. Anyone know if that was effected also?
Reply
July 8th, 2009 at 6:21 pm
NavyMom1 you are right the USFK site is still down. Maybe it was hit by the North Korean hackers?
Reply
3:52 pm on July 8th, 2009 5
This was a pretty smart move from North Korea’s point of view: if you are a lunatic regime that doesn’t mind if millions of your people starve…
NK has tried its big cards a few times now – ICBM and nuke tests, and the US is starting to get tired of paying attention (in part because it doesn’t seem to be able to get others to agree to do something about it).
So, I thought the natural progression would be for NK to go back to basic blood-letting like it had used in the past.
It didn’t. It pulled out a new trick —- and one specifically designed to gain the attention of the rich, high tech democracies – like the US and Japan and SK.
It is NK shouting out that it believes there is another big vulnerability to the rich nations and it can exploit it….
…pretty good move for a nation that survives on blackmailing what it can get…
Reply
7:55 pm on July 8th, 2009 6
I’m intrigued by the admission that the North Koreans with sympathysers(?) attacked so many US sites on July 4th with apparently so little effect.
I have to wonder if, like flying near radar sites to get the enemy to turn on their radars is not also taking place, with the US collecting all the data from servers and senders of data from all over the world. Any time an attack occurs.
The US has many cyber experts working as well, with much more at their disposal for a counter attack. I have to believe the US is ahead of the game. But there is nothing said to confirm this.
Reply
July 8th, 2009 at 9:18 pm
It would be an asymmetrical contest to go tit-for-tat with NKorea in cyberwar. We could knock out all their networked systems and I don’t believe it would have as much of an affect on them as even a minor attack would have on us. That’s an advantage a low tech country would have against a high tech country.
They say it’s a denial of service attack. They a relatively easy to setup and difficult to defend against. There are estimated to be millions of computers on the Internet embedded with sleeper code ready to be activated to launch such attacks.
BTW, one of the lessons I learned when I worked computer security is that in almost all cyber attack, it’s not the attack itself that results in most of the damage and cost, it’s the response to the attacks that are most costly. There is a tendency for overkill in response. Administrators sometimes start pulling systems offline abruptly, causing losses of critical data. They usually presume the worst case which results in indefinite downtime and productivity loss while everything is scrubbed.
This was over a decade ago and I don’t know how much has changed now. But, I think administrators could stand to invest more time in streamlining their response and recovery practices.
Old computer security joke: A expert is invited to a unit to teach basic computer security. He starts to explain what a hacker does. They read your private files. They cause your computer to run slow. Sometimes, they cause your computer to stop running all together. A guy in the audience raises his hand and says we have one of those in our unit. We call him the system administrator.
Reply
8:49 pm on July 8th, 2009 7
USFK.mil is not down. It is simply not accessible from non-DOD IP’s. Though Korean media report that it was attacked (google USFK in the news section). From a security standpoint: Why leave a website that is not mission critical available? In my opinion, the usfk site is not useful to non-dod personnel anyway.
Reply
July 9th, 2009 at 7:47 pm
It was nice to view the USFK site from a mother’s standpoint just to see pictures and read about our service members there. Certainly not necessary if security is at issue, but it was a window into daily life in a country far from the US and I do miss reading the SHARP Points. Hopefully we will still be able to connect to their YouTube and Flicker sites.
Reply
10:27 pm on July 8th, 2009 8
this always amuses me that when commercial or public govt sites are taken out people get all riled up for no reason
ok so koreans couldnt access their banks online (so what)
or go to the blue house website (how many visitors hit that daily?)
ok so americans couldnt access a few govt sites
the only part to be concerned about is the fact the attack vulnerability is residual from 2004 and its left unpatched
security wise and taking out critical communication sites is a joke because that is not what ever happens
Reply
1:57 am on July 9th, 2009 9
But, its also an exercise…..like shooting up an ICBM or testing a nuke. Whatever other motivations are behind it, it is also an exercise North Korea hopes to learn from to improve so that if they ever do go for broke, they’ll have a better chance.
Reply
July 9th, 2009 at 7:03 pm
The North Koreans have been getting a lot of “exercise” over the last year.
Reply