Cyberattack rocks South Korea

Conservative protesters burn portraits of North Korean leader Kim Jong-il (R) and his son Kim Jong-un during an anti-North Korea rally denouncing the North's cyber attacks and demanding a release of U.S. female journalists detained by the North, at a park in Seoul, July 10, 2009. Cyber attacks slowing U.S. and South Korean websites could enter a new phase on Friday by attacking personal computers and wiping hard disks, a South Korean government agency and Web security firm said. North Korea was originally a prime suspect for launching the cyber attacks, but the isolated state was not named on a list of five countries where the attacks may have originated, the Korea Communications Commission (KCC) said. (Jo Yong-Hak/Reuters)

SEOUL — Most people assumed it was just another irritating computer glitch. But no amount of impatient clicks on the refresh button or rebooting could fix this problem. Only later did many learn that they'd witnessed one of the largest South Korean cyberattacks, which crashed the websites of dozens of government offices, banks and portals, among others, in South Korea and the U.S.

The attack — orchestrated by unknown forces — was a chill-inducing reminder of just how vulnerable the country, which boasts of being the most wired in the world, can be. People suddenly found themselves stuck in line at banks, trapped with dysfunctional email accounts, unable to find information online, and worried about possible future attacks. There's been much finger-pointing, with questions about whether the government responded adequately.

For tech-savvy South Koreans, who spend an average of two hours a day on the web, the dark sides of technological advancement are not new. The country funds a counseling center to prevent addiction and help those in need.

Experts are saying that South Korea must learn a lesson from this unprecedented cyber sabotage.

The attacks — labeled the “7.7 cyber terror” by the media due to the first date on which it occurred — differed from previous incidents, which were mainly smaller in scale and designed to steal private information from companies or request money from websites by jamming their web pages.

The strikes were carried out on three separate dates through a DDoS attack — short for "distributed denial of service" — which utilized tens of thousands of personal computers that had been exposed to a malicious code spread through certain websites. The infiltrated computers, called “Zombie PCs,” were ordered to access designated websites tens or hundreds of times per second, causing the web pages to crawl or crash. Users of the computers were unaware their machines were being used as tools of the attack.

Shortly after the first strike, the government activated an emergency cyber-terror response team, which has so far tracked down and cut off access to five host sites containing the malicious code and 86 websites that downloaded the code, according to South Korea’s Yonhap News Agency.

http://www.globalpost.com/dispatch/south-korea/090710/cyberattacks