On GameSpot: The top games of the 2000s so far?
BNET Business Network:
BNET
TechRepublic
ZDNet

July 10th, 2009

Botnet awakes in further South Korean attack

Posted by Richard Koman @ July 10, 2009 @ 5:16 PM

Categories: Government technology

Tags: Operating System, North Korea, South Korea, Attack, South, Government, Microsoft Windows, Security, Operating Systems, Software

South Korea is increasingly looking like a nationwide botnet, as MyDoom malware implanted on thousands of PCs woke up, initiating a third wave of DOS cyberattacks on the country’s government, business and media servers, The Washington Post reports.

Ahnlabs, the country’s largest security company, predicted the explosion would set off at 6 pm local time. It did, but the predictions failed to understand just how many organizations were being targeted.

About half a dozen government Web sites not on the company’s list, including those of parliament, the Defense Ministry and the Foreign Ministry, slowed down or temporarily stopped working. South Korea’s main spy agency said that the “level of the attacks was highly organized and meticulously planned,” indicating the work of “certain organizations or state.”

We had some chatter the other day on what kind of OS was susceptible to this attack. Like this: “These are infected Windows operating system computers that are
attacking the government sites. Will we ever learn? ” And “I have no idea what the preferred operating system is in South Korea. Being an Asian country it is hard to say. It could be that a lot of the operating system are either Linux or pirated copies of Windows.”

The question isn’t what kind of servers are buckling under the denial of service attack, it’s what kind of machines are being zombied. I really think there’s no doubt about that. As Andrew Storms of nCircle wrote me yesterday:

When it comes to botnets, Windows is the predominant zombie system. In recent history, Botnets have left some of the largest and longest impressions on people. Conficker and Storm, to name two well known ones, received much attention from security professionals and main stream news. A DoS is an effective attack that if nothing else will raise awareness while chewing up tons of resources in time spent battling the traffic onslaught.

So what about North Korea? The South’s National Intelligence Service failed to provide any further information on their earlier assertions the North was behind the attacks, as the National Assembly’s intelligence did not meet. But that’s not suprising, Storms said: “When reportedly government and news sites in the US are targeted along with South Korean entities, then its an easy leap to suspect state sponsored involvement given the on going tense public relations with North Korea.” But it’s “unlikely the US government would ever publicly state the source of the attack to be North Korea even if intelligence agencies believed it to be the case.”

  • Talkback
  • Most Recent of 23 Talkback(s)
This ZDNET story is brought to you by: Microsoft
Microsoft Windows, the most insecure operating system on the planet.

Thanks to weaknesses in the Microsoft Windows operating system, these kinds of stories will reappear over and over again, sa... (Read the rest)
Posted by: Dietrich T. Schmitz Posted on: 07/16/09 You are currently: a Guest | | Terms of Use
Lets ban Windows and go hard core Linux.  Cayble | 07/10/09
DING! DING! DING! We have a winner here folks (read the post!)  Lerianis10 | 07/11/09
STILL TOO COMMAND-LINE ONLY  gertruded | 07/11/09
You Are Overstating  wolf_z | 07/13/09
Social hacking  Stan57 | 07/13/09
So why's it so much worse in Korea?  Zogg | 07/13/09
The government set themselves up  Necrolin | 07/11/09
South Korea is 99% Windows  A Grain of Salt | 07/11/09
I don't think it was the world  John Zern | 07/11/09
It sounds more like...  Fark | 07/12/09
Security updates are....  Erroneous | 07/13/09
remember that it is almost impossible to pin-point the source of the attack  drunken4mylife@... | 07/11/09
ActiveX, Java, JavaScript, Flash ActionScript, ...  privacy matters | 07/11/09
They don't know anything else  Necrolin | 07/12/09
So are online fraud, identity theft etc all considered "normal"?  Zogg | 07/13/09
Where's Loverock's Color Commentary?  itanalyst2@... | 07/13/09
Be interesting to know...  wolf_z | 07/13/09
RE: Botnet awakes in further South Korean attack  Loverock Davidson | 07/13/09
Whats the connection to North Korea?  bernalillo | 07/13/09
Loverock=Entertainment  rgrrogue | 07/13/09
hey!  pgit | 07/13/09
RE: Botnet awakes in further South Korean attack  deowll | 07/14/09
This ZDNET story is brought to you by: Microsoft  Dietrich T. Schmitz | 07/16/09

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

advertisement

Recent Entries

advertisement
Click Here

Archives

Favorite Links

ZDNet Blogs

White Papers, Webcasts, and Downloads

SmartPlanet

  • Thought-provoking progressive ideas on diverse topics that intersect with technology, business, and life, and matter to the world at large. Visit SmartPlanet
  • More from IBM
  • Innovate your business' process model, play against the market, compete against others on our scoreboards and WIN! Try INNOV8 2.0: A BPM Simulator
  • Enabling Real-World Business Transformation through IBM Service Management Read the EMA Analyst Report
Click Here