More Web attacks, North Korea suspected

SEOUL Thu Jul 9, 2009 12:03pm EDT

1 of 4. Visitors listen to a police officer at the Cyber Terror Response Center of the National Police Agency in Seoul July 9, 2009.

Credit: Reuters/Choi Bu-Seok

Related Video

SEOUL (Reuters) - A fresh wave of cyber attacks that slowed U.S. and South Korean websites this week hit more targets on Thursday, a Web security firm said, while the South's spy agency has said the hacking may be linked to North Korea.

The impact of the attacks, aimed so far at dozens of sites including the White House and the South's presidential office, was seen as negligible, experts said, but served as a reminder that Pyongyang has been planning for cyber warfare.

"The anticipated attack did take place, but considerable countermeasures were taken and it did act as a defense to some degree," an official at the online security firm Ahnlab said.

Some South Korean government websites, including the Defense Ministry and the National Intelligence Service, were affected. Access to some U.S. government sites, including the State and Defense Department, from South Korea appeared to be disabled.

In Washington, U.S. government officials said all federal websites were up and running and there was no impact from any new attacks on Thursday.

The Pentagon said it had experienced an increase in cyber activity for about 24 to 48 hours after the July 4 holiday but the upswing had no significant effect on operations.

The Internet sites of some South Korean banks experienced a surge in access requests but a bank official said programs were run to disperse traffic and bring service back within an hour.

If the North was responsible, it would mark an escalation in tension already high from Pyongyang's nuclear test in May, a barrage of ballistic missiles in July and repeated taunts of long-time foes Seoul and Washington in its official media.

But some analysts questioned the North's involvement, saying it may be the work of industrial spies or pranksters.

One online expert was quoted as telling a South Korean daily that tracking the spread of the malicious software showed it had originated from an IP address based in United States.

The attacks will likely be regarded by the North's leadership as a victory for Kim Jong-il -- even if Pyongyang was not behind them -- because they hurt the country's traditional foes, adding a new dimension to the threat level posed by the reclusive state.

The attacks saturated target websites with access requests generated by malicious software planted on personal computers. This has overwhelmed some targeted sites and slowed server response to legitimate traffic.

PYONGYANG PLANS FOR CYBER WARFARE

The attacks did not lead to a breach of sensitive government material or damage online infrastructure in South Korea, the world's most wired country, government officials said.

But the National Intelligence Service said in a statement it was stepping up alert to monitor potential attacks against the network of energy and communications facilities.

South Korean media quoted parliament members saying after an intelligence briefing on Wednesday that the spy agency believed "North Korea or pro-North elements" were behind the attacks.

The defense ministry is allocating 26 billion won ($20.33 million) to beef up security for its computer system, according to a budget request it released on Thursday.

U.S. officials would not speculate on who might be behind the attacks but noted that U.S. government websites face attacks or scams "millions of times" a day.

An expert on North Korea at the Heritage Foundation, Bruce Klingner, said the North had in operation a military unit with up to 1,000 skilled computer hackers created 10 years ago.

"Pyongyang has an extensive and capable cyber terrorism effort to provide asymmetric attack capabilities," he said.

Internet access is denied to almost everyone in hermit North Korea, but intelligence sources said Pyongyang had placed a high priority on developing cyber attack skills.

Last month, the North warned of "high-tech war" against the South for spreading what it said was false information about its involvement in cyber attacks.

($1=1278.9 Won)

(Additional reporting by Rhee So-eui and Jungyoun Park in Seoul, Clare Baldwin and Jim Christie in San Francisco and Deborah Charles and David Morgan in Washington; Editing by Eric Beech)