Print
E-mail
Comment
US officials eye North Korea in cyber attack
 |
By Lolita C. Baldor
WASHINGTON – U.S. authorities on Wednesday eyed North Korea as the origin of the widespread cyber attack that overwhelmed government Web sites in the United States and South Korea, although they warned it would be difficult to definitively identify the attackers quickly.
The powerful attack that targeted dozens of government and private sites underscored how unevenly prepared the U.S. government is to block such multipronged assaults.
While Treasury Department and Federal Trade Commission Web sites were shut down by the software attack, which lasted for days over the holiday weekend, others such as the Pentagon and the White House were able to fend it off with little disruption.
The North Korea link, described by three officials, more firmly connected the U.S. attacks to another wave of cyber assaults that hit government agencies Tuesday in South Korea. The officials said that while Internet addresses have been traced to North Korea, that does not necessarily mean the attack involved the Pyongyang government.
The officials spoke on condition of anonymity because they were not authorized to speak publicly on the matter.
South Korea intelligence officials have identified North Korea as a suspect in those attacks and said that the sophistication of the assault suggested it was carried out at a higher level that just rogue or individual hackers.
U.S. officials would not go that far and declined to discuss publicly who may have instigated the intrusion or how it was done.
In an Associated Press interview, Philip Reitinger, deputy under secretary at the Homeland Security Department, said the far-reaching attacks demonstrate the importance of cybersecurity as a critical national security issue.
The fact that a series of computers were involved in an attack, Reitinger said, “doesn’t say anything about the ultimate source of the attack.”
“What it says is that those computers were as much a target of the attack as the eventual Web sites that are targets,” said Reitinger, who heads DHS cybersecurity operations. “They’re just zombies that are being used by some unseen third party to launch attacks against government and nongovernment Web sites.”
Targets of the most widespread cyber offensive of recent years also included the National Security Agency, Homeland Security Department and State Department, the Nasdaq stock market and The Washington Post, according to an early analysis of the software used in the attacks.
The Associated Press obtained the target list from security experts analyzing the attacks. They provided the list on condition of anonymity because they were not authorized to discuss the investigation.
Other experts in cyber assaults said the incident shined a harsh light on the U.S. government’s efforts to protect all of its agencies against Web-based attacks.
James Lewis, a senior fellow at the Center for Strategic and International Studies, said that the fact that both the White House and Defense Department were attacked but didn’t go down points to the need for coordinated government network defenses.
“It says that they were ready and the other guys weren’t ready,” he said. “We are disorganized. In the event of an attack, some places aren’t going to be able to defend themselves.”
The wave of cyber assaults are known as “denial of service” attacks. Such attacks against Web sites are not uncommon and are caused when sites are so deluged with Internet traffic that they are effectively taken off-line. Mounting such an attack can be relatively easy and inexpensive, using widely available hacking programs, and they become far more serious if hackers infect and tie thousands of computers together into “botnets.”
Joe Stewart, director of malware research for the counterthreat unit of SecureWorks Inc., said there’s no indication yet of a claim of responsibility hidden anywhere in the program behind the attacks. Stewart and other researchers are analyzing the code for clues about the attacker’s identity.
Stewart noted that the attacks on U.S. government sites appeared to expand after the initial assaults over the holiday weekend failed to generate any publicity. He said the “target list” contained in the program’s code only had five U.S. government sites on it on July 5, but were broadened the next day to include nongovernment sites inside the U.S.
The following day, the South Korean Web sites were added.
“It seems to me they thought the first round wasn’t successful ... they felt they weren’t getting enough attention because nobody was talking about their attacks,” Stewart said.
The cyber assault on the White House site had “absolutely no effect on the White House’s day-to-day operations,” said spokesman Nick Shapiro. He said that preventive measures kept whitehouse.gov stable and available to the general public but that Internet visitors from Asia may have experienced problems.
All federal Web sites were back up and running, Shapiro said. A State Department spokesman said the agency’s site was up but still experiencing problems. A Web site for the U.S. Secret Service had experienced access problems but did not crash, the agency’s spokesman said.
The cyber attack did not appear, at least at the outset, to target internal or classified files or systems, but instead aimed at agencies’ public sites, creating a nuisance both for officials and the Web consumers who use them.
Ben Rushlo, director of Internet technologies at Keynote Systems, said problems with the Transportation Department site began Saturday and continued until Monday, while the FTC site was down Sunday and Monday.
Keynote Systems is a mobile and Web site monitoring company based in San Mateo, Calif. The company publishes data detailing outages on Web sites, including 40 government sites it watches.
According to Rushlo, the Transportation Web site was “100 percent down” for two days, so that no Internet users could get through. The FTC site, meanwhile, started to come back online late Sunday, but even on Tuesday Internet users still were unable to get to the site 70 percent of the time.
The powerful attack that targeted dozens of government and private sites underscored how unevenly prepared the U.S. government is to block such multipronged assaults.
While Treasury Department and Federal Trade Commission Web sites were shut down by the software attack, which lasted for days over the holiday weekend, others such as the Pentagon and the White House were able to fend it off with little disruption.
The North Korea link, described by three officials, more firmly connected the U.S. attacks to another wave of cyber assaults that hit government agencies Tuesday in South Korea. The officials said that while Internet addresses have been traced to North Korea, that does not necessarily mean the attack involved the Pyongyang government.
The officials spoke on condition of anonymity because they were not authorized to speak publicly on the matter.
South Korea intelligence officials have identified North Korea as a suspect in those attacks and said that the sophistication of the assault suggested it was carried out at a higher level that just rogue or individual hackers.
U.S. officials would not go that far and declined to discuss publicly who may have instigated the intrusion or how it was done.
In an Associated Press interview, Philip Reitinger, deputy under secretary at the Homeland Security Department, said the far-reaching attacks demonstrate the importance of cybersecurity as a critical national security issue.
The fact that a series of computers were involved in an attack, Reitinger said, “doesn’t say anything about the ultimate source of the attack.”
“What it says is that those computers were as much a target of the attack as the eventual Web sites that are targets,” said Reitinger, who heads DHS cybersecurity operations. “They’re just zombies that are being used by some unseen third party to launch attacks against government and nongovernment Web sites.”
Targets of the most widespread cyber offensive of recent years also included the National Security Agency, Homeland Security Department and State Department, the Nasdaq stock market and The Washington Post, according to an early analysis of the software used in the attacks.
The Associated Press obtained the target list from security experts analyzing the attacks. They provided the list on condition of anonymity because they were not authorized to discuss the investigation.
Other experts in cyber assaults said the incident shined a harsh light on the U.S. government’s efforts to protect all of its agencies against Web-based attacks.
James Lewis, a senior fellow at the Center for Strategic and International Studies, said that the fact that both the White House and Defense Department were attacked but didn’t go down points to the need for coordinated government network defenses.
“It says that they were ready and the other guys weren’t ready,” he said. “We are disorganized. In the event of an attack, some places aren’t going to be able to defend themselves.”
The wave of cyber assaults are known as “denial of service” attacks. Such attacks against Web sites are not uncommon and are caused when sites are so deluged with Internet traffic that they are effectively taken off-line. Mounting such an attack can be relatively easy and inexpensive, using widely available hacking programs, and they become far more serious if hackers infect and tie thousands of computers together into “botnets.”
Joe Stewart, director of malware research for the counterthreat unit of SecureWorks Inc., said there’s no indication yet of a claim of responsibility hidden anywhere in the program behind the attacks. Stewart and other researchers are analyzing the code for clues about the attacker’s identity.
Stewart noted that the attacks on U.S. government sites appeared to expand after the initial assaults over the holiday weekend failed to generate any publicity. He said the “target list” contained in the program’s code only had five U.S. government sites on it on July 5, but were broadened the next day to include nongovernment sites inside the U.S.
The following day, the South Korean Web sites were added.
“It seems to me they thought the first round wasn’t successful ... they felt they weren’t getting enough attention because nobody was talking about their attacks,” Stewart said.
The cyber assault on the White House site had “absolutely no effect on the White House’s day-to-day operations,” said spokesman Nick Shapiro. He said that preventive measures kept whitehouse.gov stable and available to the general public but that Internet visitors from Asia may have experienced problems.
All federal Web sites were back up and running, Shapiro said. A State Department spokesman said the agency’s site was up but still experiencing problems. A Web site for the U.S. Secret Service had experienced access problems but did not crash, the agency’s spokesman said.
The cyber attack did not appear, at least at the outset, to target internal or classified files or systems, but instead aimed at agencies’ public sites, creating a nuisance both for officials and the Web consumers who use them.
Ben Rushlo, director of Internet technologies at Keynote Systems, said problems with the Transportation Department site began Saturday and continued until Monday, while the FTC site was down Sunday and Monday.
Keynote Systems is a mobile and Web site monitoring company based in San Mateo, Calif. The company publishes data detailing outages on Web sites, including 40 government sites it watches.
According to Rushlo, the Transportation Web site was “100 percent down” for two days, so that no Internet users could get through. The FTC site, meanwhile, started to come back online late Sunday, but even on Tuesday Internet users still were unable to get to the site 70 percent of the time.
Submit a Comment
|
You must be logged in to post a comment.
|
Not yet a registered member?
Click here to become one. Comments to stories and articles on the Web site are not edited or pre-approved before appearing online. Readers posting comments are solely responsible for those comments. Comments must be germane to the story to which they apply. Online comments that are libelous, profane or personally attack another site participant can be reported as abuse using the link provided on each comment. Comments reported as abusive will be reviewed and may be removed from view, as will off-topic comments. BE CIVIL. Individuals continually posting abusive comments to the site may have their registrations revoked. |
Reader Comments
jef wrote on Jul 9, 2009 11:48 AM:
" woodlands64 wrote on Jul 9, 2009 7:25 AM:
" The US, or should I say Barak...... pretty impotent on foreign policy.... We will do nothing. "
Sure "we" will. He'll apologize to Pyongyang for the US putting them in a position where they were forced to do it. "
" The US, or should I say Barak...... pretty impotent on foreign policy.... We will do nothing. "
Sure "we" will. He'll apologize to Pyongyang for the US putting them in a position where they were forced to do it. "
StevenP wrote on Jul 9, 2009 12:24 PM:
" And what will the two of you do except get togethr and cackle like hens? "
woodlands64 wrote on Jul 9, 2009 12:40 PM:
" StephenP trying to defend his boy but cant...... Mr. Obama is Neville Chamberlain in his second coming. "
Whiskyecho wrote on Jul 9, 2009 2:03 PM:
" what amazes me is that there are a whole bunch of folks in this world that think these rogue nations (n. korea, iran, cuba, venezuela, many places in the mid East and africa) are nifty
some sort of a messed up world !
oh and StevenPperson - thought you said when you posted a comment it was always relevant to the subject of the article - what happened, a different way of doing things since, uh, yesterday ? "
some sort of a messed up world !
oh and StevenPperson - thought you said when you posted a comment it was always relevant to the subject of the article - what happened, a different way of doing things since, uh, yesterday ? "
jef wrote on Jul 9, 2009 5:39 PM:
" StevenP wrote on Jul 9, 2009 12:24 PM:
" And what will the two of you do except get togethr and cackle like hens? "
Not much else to do as long as so many sheep keep adoring the buffoon. Didn't have a stellar lineup to choose from, but at least we saw him as the worst of two evils. What's your excuse? "
" And what will the two of you do except get togethr and cackle like hens? "
Not much else to do as long as so many sheep keep adoring the buffoon. Didn't have a stellar lineup to choose from, but at least we saw him as the worst of two evils. What's your excuse? "
pprwrtr wrote on Jul 9, 2009 6:25 PM:
" Some of these commenters want America (which means the President of the US) to fail! What a horrific attitude and our downfall! You people think that it is dumb etc. to try to make friends instead of go to war all over the world. Some day or some country, if we keep up what boy Bush started, we will strike out and get defeated royally. You'd better hope and pray our President succeeds. Bush's war didn't. We just have more people hating us and wanting to get us back. How many countries are we going to have troops in? There are many now. (If you don't think so, research it, but don't tell me there are only a few because you will seem ignorant of the facts). Guess we could try to send them to North Korea now, but that'd be a mistake! "
whatchumean wrote on Jul 9, 2009 9:01 PM:
" See pprwrtr... not to defend Bush exactly, but at least when Bush was in office, these little no name countries didn't try to start AS MUCH trouble (at least after the so called Shock and Awe) because they knew he was a N job. Now your wonder boy Obama isn't gonna do anything and they know it. Maybe he should ask Oprah what to do about N. Korea, since she thinks she picked the president. "
pprwrtr wrote on Jul 9, 2009 9:32 PM:
" whatchumean--
The only "shock and awe" about that is that Bush was "shocked and awed" that our bombs didn't solve the whole issue and thing just went from bad to worse. His stupid "logic!" "
The only "shock and awe" about that is that Bush was "shocked and awed" that our bombs didn't solve the whole issue and thing just went from bad to worse. His stupid "logic!" "
woodlands64 wrote on Jul 10, 2009 3:10 AM:
" B Obama,, the second coming of Neville Chamberlin.
Maybe one should understand histroy and cultures before showing their ignorance time, after time, after time, after time. "
Maybe one should understand histroy and cultures before showing their ignorance time, after time, after time, after time. "
woodlands64 wrote on Jul 10, 2009 3:11 AM:
" and my love Bush was good on defense, but Cheney.....he be the MAN!!!!!! "
woodlands64 wrote on Jul 9, 2009 7:25 AM: