Warning: Use of undefined constant user_level - assumed 'user_level' (this will throw an Error in a future version of PHP) in /home/secretidentity/public_html/wp-content/plugins/ultimate-google-analytics/ultimate_ga.php on line 524
In the past week Americans have been shocked by the deaths of many pop culture icons. The passing of Ed McMahon, Farrah Fawcett, Billie Mays and Micheal Jackson stunned not only the U.S. but in some cases people all over the world. But maybe in the mourning or shock of the deaths of these celebrities, global news, especially about North Korea and cyber crimes may have been lost in the “shuffle.”
Trouble with North Korea has been brewing for some time. Even during President Bush’s administration threats of nuclear testing were a big concern, and they remain one even now. This spring, two American journalists were detained and later convicted of “illegal border crossing and an unspecified grave crime.” The penalty, 12 years reform through labor.
What you may not know about in the news this week are cyber attacks on many US and South Korea government websites. According to Johannes Ullrich, chief technology officer for the private SANS Internet Storm Center, the attack began over the holiday weekend and Unites States sites targeted included the White House, DOT (Department of Transportation), Department of Homeland Security, the FAA (Federal Aviation Administration), NSA (National Security Agency) State Department, US Postal Service, US Treasury Department, Voice of American and hit hardest was the Federal Trade Commission site, ftc.gov. Ullrich states that a Pentagon site, defenselink.mil, was also targeted, as well a site for US forces in South Korea. US officials confirmed that the Treasury Department, Secret Service, Federal Trade Commission and Transportation Department sites “were all down at various points over the weekend and into this week and some of the sites were still experiencing problems on Tuesday evening after the attack.”
In South Korea government agencies and banks had websites paralyzed by a suspected cyber attack on Tuesday, and some remain inaccessible or unusable.
Both the US and South Korea are working to determine the identity of the creator of the virus. “This is not a simple attack by individuals. The attack appeared to have been elaborately prepared and staged by a certain organization or state,” Seoul’s National Intelligence Service (NIS) said in a statement. The NIS also stated that “US authorities were cooperating to track down those responsible for hijacking 12,000 personal computers in South Korea and 8,000 abroad which were exploited as vehicles for the attacks.”
How did this “cyber attack or cyber terrorism” occur?
This attack was called a “denial of service” or DOS attack. We have probably all seen a similar message on a site when we have tried to access one that is very busy, like a coupon site or a shopping site.
Basically, malware (malicious computer programmers) suspected to be working for North Korea infected thousands of computers using Microsoft Windows with a computer virus. Then the programmer would be able to create a collective of networked computers, or “botnet” that he could program to do whatever he wanted. The technique used would be similar to that reported in Golden Cash Network Uses Bots and Zombies to Steal Information, however.
“There are tens of millions of computers that are potentially vulnerable,” Spafford said. “If those systems are implanted with bot controllers, there’s little you can to do prevent it.”
The collective computers are then directed to access web servers, just like you do when you try to access a website. However, there are subtle differences with the use of spoofing, such as making an IP -Internet Protocol address look like it’s busy. The website keeps trying to send information requested tying it up over and over again as it is told that the computer requesting it is busy or unavailable.
Next while the host servers and sites are busy still trying to answer the fraudulent request for information new spoofed IP addresses are created over and over and the servers are overloaded with request and then no longer able to respond.
High volume websites like the White House, Pentagon and New York Stock Exchange seemed to have survived the attack with barely any negative effect, possibly due to the high volume they normally endure as well as higher band -with. Other servers, such as the Federal Trade Commission and the Department of Transportation went off-line.
In simplest terms it is similar in nature (of course on a MUCH larger scale) to when Oprah offered everyone a free KFC skinless chicken dinner. Hundreds of thousands of people rushed to their computer to access the printable coupon from Oprah.com and KFC’s site. The servers were overloaded for days, causing the offer to be withdrawn and changed and thousands to receive the message that the website is not available. That is just one small example of denial of service attacks; now multiply that by thousands of computers and include some of the United States most important services and offices, both for finances and security, and you can only imagine the damage that could be done to America’s most important offices and agencies.
UPDATE JULY 14
This may or may not have been executed by North Korea.
Take a look here: