Computers and Security
Cyberattacks on U.S. And South Korea
The New York Times wrote an article in 2009 on cyberattacks that affected South Korea and the United States. According to the article, the Department of the Treasury, The Secret Service, the Federal Trade Commission and the Department of Transportation were all affected by the attack, which began the Saturday before. In addition, the White House site was also attacked ("U.S. Web Sites," 2009).
All the websites were victims of a denial of service attack. Denial of service, or DoS attacks, are when remote computers to flood targeted Web sites with a large volume of data that renders the sites inaccessible to other users ("U.S. Web Sites," 2009). It is believed that 50,000 PCs were hacked and used for this attack. In addition, 10 times the amount of information that was normally sent flooded the channels, rendering the sites inaccessible to other users ("U.S.-South Korea Cyberattack," 2009).
The origins of the attack are unknown. However, a detailed study of the attack done by McAfee shows that there is a 95% chance that it, and a subsequent attack on South Korea's system in 2011, was done by the same perpetrator. According to the Huffington Post, it was "a type of reconaissance mission to see how quickly South Korea's government detected the problem and recovered from it."
In addition, North Korea was initially blamed for the attack, due to clues in the code found by McAfee ("North Korea Blamed," 2011). However, the bots (infected computers) in charge of the attack were given a list of sites every time they updated, which pointed more toward a hacker or hackers rather than a state mandated attack. The hackers also neglected to make any attempt to avoid security software, which immediately detected the infection. This was also a clue that the DoS was not done by the state. Lastly, a state attack would most likely have focused on a few sites, as opposed to as many as 27 ("No Sign of N. Korea Backing," 2009).
The bots received their first update on July 5, which was only for five sites. All of those sites were U.S. government sites. The July 6 update increased the number to 21 U.S. sites. On July 7, the South Korean sites were added and on July 8, the total number of sites reached 26 ("No Sign of N. Korea Backing," 2009)
The U.S. Websites were back up and running within a day of the attack. The South Korean sites took more time to recover ("Cyberattacks Jam Government," 2009). Also, this incident was South Korea's third wave in 2009 ("South Korean Websites Hobbled," 2009)
You’re 85% through this paper. Sign up to read the full paper.
Sign Up Now — Instant Access Already a member? Log inAlways verify citation format against your institution’s current style guide requirements.