Cyber attacks on South Korea 'could have been war drill'

Attacks against South Korean government websites could have suddenly become a lot more threatening than previously thought, after McAfee Labs claimed they could have been North Korean cyber war drills. As Reuters reports, the vice president of threat research at the company, Dmitri Alperovitch, raised these thoughts on behalf of the company. Alperovitch believes that these attacks may be more significant against national security than those of Anonymous and LulzSec, as he believes they were internet reconnaissance missions. They were intended to test the impact of cyber weapons should they be used in a war. His wording was as follows:

“This stuff is much more insidious and much more dangerous to national security than what Anonymous is doing.”

The claim was made in a technical analysis of software used in March 2011 against South Korean websites. The attacks were of the ‘denial of service’ nature, overwhelming websites with traffic to shut them down. The official stance of McAfee is that the botnet army used to overwhelm the South Korean websites likely came from infecting healthy computers with the malicious software needed. This was likely done using a popular South Korean file-sharing website, and allowed the computers to be added to a botnet.
The botnet acted as an army of computers, controlled from a “command and control center”, and used to effect on March 4th. The Neowin article on the event can be read here. The botnet attacked around forty websites in South Korea. According to Alperovitch:

“It was a very rapid operation – very constrained with specific goals. The intent was to see what level of damage you can do in a very rapid time period.”

The hackers responsible for the organized attack against the South Korean websites were clearly prepared, having encrypted their software to prevent it from being studied. It was also designed to destroy itself and its host computer ten days after the March 4th attack. It is extremely unusual for botnet herders, as they are known, to instruct their army of infected computers to turn against itself. Typical herders try to retain their ‘army’ for as long as possible to perform other tasks. Alperovitch believes their reasoning for working in the manner they did was to avoid allowing authorities to ascertain the attack purpose. Should a conflict ignite between the two notoriously hostile countries, these cyber-war strikes could be the attacks of the future. They were apparently intended to test the strength of South Korean websites.

The attacks against South Korean websites happened in both July 2009 and March 2011. North and South Korean relationships are incredibly fragile, and the two frequently threaten to instigate a war against the other. In March 2010, the Cheonan warship was destroyed by a North Korean torpedo, fired from a Yeono-class miniature submarine, on the border with North Korea. In November 2010, the North Korean army fired rounds of artillery into South Korea-controlled Yeonpyeong Island, on the western border of the two countries. The attack caused around twenty reported injuries and the death of two South Korean soldiers. North Korea was threatened with “enormous retaliation” if it continued its attacks.

Report a problem with article
Previous Story

Official iPad 2 jailbreak released

Next Story

HTC acquires S3 Graphics for $300 million

17 Comments

Commenting is disabled on this article.

ROFL. Really? North Korea is stuck in the 70s and they don't even have Internet widely available there. I really really doubt North Korea would have the means to do this by themselves so if they, in fact, did this then it was with China's help (or even China by itself without any NK intervention?).

It's all gratuituous speculation but blaming this on North Korea sounds silly to say the least.

paperless said,
ROFL. Really? North Korea is stuck in the 70s and they don't even have Internet widely available there. I really really doubt North Korea would have the means to do this by themselves so if they, in fact, did this then it was with China's help (or even China by itself without any NK intervention?).

It's all gratuituous speculation but blaming this on North Korea sounds silly to say the least.

Civilian life might be restricted & censored, but the government would no doubt would have the abilities to do this.

And no way would be China be assisting them.

Lamp0 said,

Civilian life might be restricted & censored, but the government would no doubt would have the abilities to do this.

And no way would be China be assisting them.

No way? Why is that? China is possibly the only ally they have left.

Also, even the government people have to be trained by someone, who do you think would train them? They're isolated, they're only door to the outside world is China.

paperless said,
ROFL. Really? North Korea is stuck in the 70s and they don't even have Internet widely available there. I really really doubt North Korea would have the means to do this by themselves so if they, in fact, did this then it was with China's help (or even China by itself without any NK intervention?).

try picking up a newspaper now and then so you dont make a fool out of yourself next time you comment

SpyCatcher said,
I think s3n4te is misunderstood.
Than please explain to use your interpretation of what he said. Due to his choice of words its very clear as to what he was trying to say.

s3n4te said,
Just more propaganda from the west again. North Korea and Iran are the scapegoat for everything.

So you really believe then that Iran only want nuke power plants not the capability of a nuke bomb and Kim Jong IL and his cronies are just misunderstood..... Iran and Nth Korea aren't the only bad guys around but they are some of the worst ....there's an old saying that goes like this

It's better to remain silent and look like a fool than to open your mouth and remove all doubt

Athlonite said,

So you really believe then that Iran only want nuke power plants not the capability of a nuke bomb and Kim Jong IL and his cronies are just misunderstood..... Iran and Nth Korea aren't the only bad guys around but they are some of the worst ....there's an old saying that goes like this

It's better to remain silent and look like a fool than to open your mouth and remove all doubt

Agreed.

Athlonite said,

So you really believe then that Iran only want nuke power plants not the capability of a nuke bomb and Kim Jong IL and his cronies are just misunderstood..... Iran and Nth Korea aren't the only bad guys around but they are some of the worst ....there's an old saying that goes like this

USA have nuclear bomb = nice.
Other countries have nuclear bomb = not so nice.

:-/

Magallanes said,

USA have nuclear bomb = nice.
Other countries have nuclear bomb = not so nice.

:-/

The US leader isn't as crazy so Kim. Don't forget that. lol.

s3n4te said,
Just more propaganda from the west again. North Korea and Iran are the scapegoat for everything.

You need to stay away from drugs, I can see that they have already done tremendous damage to your reasoning abilities.