North Korean hackers blamed for sweeping cyber attack on US networks

Police officers from National Police Agency show a seized computer which was used for hacking at the agency's headquarters in Seoul July 8. South Korean authorities issued a cyber-security warning on Wednesday after the Web sites of government agencies and financial institutions were disabled by apparent hacker attacks, possibly linked to North Korea.

Hwang Gwang-Mo/Yonhap/Reuters

July 8, 2009

Update: Attacks continue today in South Korea.

A series of attacks on computer networks in South Korea and the US was apparently the work of North Korean hackers, several news agencies are reporting today. The attacks, which targeted the White House, the Pentagon, and the Washington Post, among other high-level institutions, are raising concerns that the long-simmering conflict with North Korea is expanding into a dangerous new theater.

According to Seoul's National Intelligence Service, the "attacks appeared to have been elaborately prepared and staged by a certain organization or state." In that statement, North Korea was not specifically named, but the Yonhap news agency said the NIS had traced the attacks to North Korea or pro-Pyongyang forces.

"The NIS has been telling committee members that North Korea or a pro-North Korean force might be behind the cyber terror," a South Korean legislator told Yonhap. The statement has not been independently verified, and South Korean intelligence agency say the matter remains under investigation.

Meanwhile, The Associated Press has obtained a list of the targets in a coordinated attack last weekend on US networks. Included on the list are the National Security Agency, the Department of Homeland Security, the State Department, and the Nasdaq stock exchange. Many of the organizations appeared to have successfully blunted the sustained computer assaults, the AP said.

In South Korea, the sites of the presidential office, the defense ministry, and the National Assembly were saturated with access requests generated by malicious software on Tuesday, crippling server response to legitimate traffic, South Korea's Communications Commission said in a statement.

A test

Many analysts see the attacks as a test of the US government's ability to deal with a coordinated cyber-attack.

In late May, President Obama unveiled the details of an ambitious new cyber-security initiative, which he said would gird the nation’s infrastructure against digital threats. “We rely on the Internet to pay our bills, to bank, to shop, to file our taxes,” Obama said in a news conference. “But we’ve had to learn a whole new vocabulary just to stay ahead of the cyber criminals who would do us harm – spyware and malware and spoofing and phishing and botnets."

At the time, the White House appeared to be responding to two high-level cyber-security incidents: the apparent breach of a top-secret strike fighter program and a viral attack on computers at a military base in Afghanistan. “[It’s] clear that we’re not as prepared as we should be, as a government or as a country,” Obama said, adding that, the US has "failed to invest in the security of our digital infrastructure.”

As Monitor reporter Gordon Lubold has noted, there were some 37,000 cyber attacks in the United States in 2007 alone – up 800 percent from 2005, according to a recently published estimate that cited data from the Department of Homeland Security.

What's next?

The attacks on networks here and in South Korea are the latest reminder that cyber-security remains a pressing concern in the 21st century. They may also be a sign that North Korea has stumbled across a new way to provoke its neighbors to the South and its enemies to the West.

On Mashable, Stan Schroeder writes that continued attacks could have profound economic and political consequences. "What seems like a geek’s dream come true – a cyber war – might end up in tighter government control over the Internet, which can have serious privacy implications for all of us," he argues.

Meanwhile, Ed Morrissey, a conservative blogger, sees the attacks as a clear-cut case of provocation. "The cyber attack shows that [North Korean leader Kim Jong-il] has put plenty of resources into that technology and that Pyongyang intends on pursuing hostilities on every possible battlefield in this generation of leadership and the next," he writes. "The US had better show that we can prevail against it and make it more costly for the Kims than for us."

Update: State Department spokesman Ian Kelly said today that the attack against the state.gov website is "ongoing" but "much reduced," Bloomberg News is reporting. Kelly said he could not speculate as to the identity of the attackers. “We’re investigating, but we can’t confirm the source of attacks yet,” he said.

---

For more tech news and updates, follow us @CSMHorizonsBlog.