North Korea identified as origin of cyber attack

July 9, 10:52 AMHouston Law and Politics ExaminerDustin Sachs

Previous Next

Comment Print Email RSS Subscribe

Subscribe

Get alerts when there is a new article from the Houston Law and Politics Examiner. Read Examiner.com's terms of use.

Email Address   Include other special offers from Examiner.com Terms of Use

AP Photo/Ahn Youn-joon

North Korea has been identified as the origin of a recent series of cyber attacks. In addition to the countless missiles recently launched in North Korea, this new threat has been detected. On Wednesday, U.S. authorities focused on North Korea as the origin of the widespread cyber attack that overwhelmed government Web sites in the United States and South Korea. The identity of the actual attackers, may take a significant time to determine.

Over the July 4th holiday, Treasury Department and Federal Trade Commission web sites were shut down by the software attack. Web sites, such as the Pentagon and the White House, were unaffected by the attack.

These attacks came only days before a similar attack on South Korea websites. While the origin of the attacks has been traced to North Korea, officials warn that it does not necessarily mean that the North Korean government was involved.

Intelligence officials in South Korean have identified North Korea as a suspect in those attacks and said that the sophistication of the assault suggested it was carried out at a higher level that just rogue or individual hackers. However, U.S. officials publicly declined to discuss who may have instigated the intrusion or how it was done.

In recent years, the National Security Agency, Department of Homeland Security, the State Department, the Nasdaq stock market and The Washington Post, have all been victims of similar attacks.

Cyber assault experts have said that this most recent incident underscores the shortcomings in the U.S. government's efforts to protect its agencies against Web-based attacks.

James Lewis, a senior fellow at the Center for Strategic and International Studies, said that “the fact that both the White House and Defense Department were attacked but didn't go down points to the need for coordinated government network defenses.” Lewis says that the success of the two departments, “says that they were ready and the other guys weren't ready."

The cyber assaults that took down several government websites are known as "denial of service" attacks. These attacks against Web sites are caused when sites are overloaded with Internet traffic to the point that they are effectively taken off-line.

The day after the US sites were attacked, similar South Korean Web sites were added. Joe Stewart, director of malware research for the counterthreat unit of SecureWorks Inc. said, "It seems to me they thought the first round wasn't successful ... they felt they weren't getting enough attention because nobody was talking about their attacks."

The cyber assault on the White House site had "absolutely no effect on the White House's day-to-day operations," said spokesman Nick Shapiro. He said that preventive measures kept whitehouse.gov stable and available to the general public.

Shapiro was quick to state that all federal Web sites were back up and running. A State Department spokesman said the agency's site was up but still experiencing problems. A Web site for the U.S. Secret Service had experienced access problems but did not crash, the agency's spokesman said.

The cyber attack did not appear, at least at the outset, to target internal or classified files or systems, but instead aimed at agencies' public sites, creating a nuisance both for officials and the Web consumers who use them.

Dale Meyerrose, former chief information officer for the U.S. intelligence community, said that at least one of the federal agency Web sites got saturated with as many as 1 million hits per second per attack - amounting to 4 billion Internet hits at once.

The widespread attack was "loud and clumsy," which suggests it was carried out by an unsophisticated organization, said Amit Yoran, chief executive at NetWitness Corp. and the former U.S. government cybersecurity chief. "This is not the elegance we would expect from sophisticated adversaries."

Officials agreed, however, that the incident brings to the forefront a key 21st century threat.

"It tells you that cyber attacks are real. It's a very serious problem and one of the more serious facing us, along with terrorism, and China and Russia are the main threats," said Rep. Dutch Ruppersburger, D-Md., who was briefed on the incident.