Although it seems that many US officials are not speaking publicly about the attack, emergency notices have been sent to federal agencies and departments advising them of precautions. Security experts warned last year, after a similar attack linked to China that American was more vulnerable to cyber-terrorism that any other form of conventional attack.
According to Ullrich, chief technology officer for the private SANS Internet Storm Center, “It was a pretty massive attack. Nothing really terribly sophisticated. It just floods the websites,” “It prevents the websites from responding. They’re just overloaded with traffic.”
However, according to Keynote Systems, (a mobile and website monitoring company located in California) which monitors 40 government sites in America, the US websites experienced a “significant outage.” Ben Rushlo, director of internet technologies at the firm, said of the transportation department site problems: “This is very strange. You don’t see this. “Having something 100% down for a 24-hour-plus period is a pretty significant event.”
Other cyber experts have differing opinions over the extent of North Korean involvement. Some speculate that hackers simply used zombie computers in the area, while others think that this communist nation has gone from the nuclear to the digital battlefield.
Rod Beckstrom, former head of the U.S. cybersecurity center says, “If Pyongyang is behind the attacks, it probably establishes a new pattern of behavior. If this is them, they are now in the club. And they’re probably only going to get better.”
Philip Reitinger, deputy under secretary at the Homeland Security Department, said in an interview with the Associated Press that, “the far-reaching attacks demonstrate the importance of cyber security as a critical national security issue.” The fact that a series of computers were involved in an attack, Reitinger said, “doesn’t say anything about the ultimate source of the attack.” “What it says is that those computers were as much a target of the attack as the eventual Web sites that are targets,” said Reitinger, who heads DHS cyber security operations. “They’re just zombies that are being used by some unseen third party to launch attacks against government and nongovernment Web sites.”
If true, the attack by North Korea would be troubling because “they play by their own set of rules, so it is more difficult to calibrate how they’re going to respond,” says, Jack Thomas Tomarchio, head of Nicor Cyber Security and a former deputy undersecretary at the Homeland Security Department. According to Tomarchia, “the attacks overall show that the federal government is still very vulnerable in terms of its cyber security and that agencies have miles to go to plug the holes.” “This is not Pearl Harbor. I’m not trying to alarm the country,” he said. “But we do have a serious intrusion problem.”
New York Stock Exchange spokesman Ray Pellecchia could not confirm the attack, saying the company does not comment on security issues.
Where does US cyber security go from here?
President Obama announced the establishment of an inter-agency cyber-security office in May and the Pentagon added a military Cyber Command to supplement the civilian effort.
In an emailed statement by the Korea Communications Commission, “the blocked sites are based in the U.S., South Korea, Germany, Austria and Georgia.” It is speculated that the “sites may have also spread malicious computer code that causes damage to personal computers,” according to the commission.
Amy Kudwa, spokeswoman for the Homeland Security Department, said the agency’s U.S. Computer Emergency Readiness Team issued a notice to federal departments and other partner organizations about the problems and “advised them of steps to take to help mitigate against such attacks.”
This is not the first time that the US computer systems have been terrorized, past cyber attacks have included The State Department, Homeland Security, The Washington Post and even NASDAQ. According to the experts attacks on federal computer networks are quite common, and may range in nature from those trying their hand at hacking to more serious assaults. In some cases the blame has been placed on China, but U.S. security officials also worry about cyber attacks from al-Qaida or other terrorists.
This time it may have only been a “DOS” denial of service to sites that people are trying to use to gain information or complete forms. Just imagine what damage could be done if control of those servers and services could be taken over by use of advanced programming and botnet devices? The FAA? No longer able to track airlines. The New York Stock Exchange? Stocks floating up and down, or plummeting to worthless, you think the economy is tough now, imagine the shut down of banking and the stock exchange. This attack, no matter if it came from China or North Korea or even from Mars; does evidence how unprepared the US government may be to protect its cyber security to such attacks.