North Korean Cyber Attack?

Viewing 10 reply threads
  • Author
    Posts
    • #3984
      former33t
      Participant

      U.S. authorities on Wednesday eyed North Korea as the origin of the widespread cyber attack that overwhelmed government Web sites in the United States and South Korea, although they warned it would be difficult to definitively identify the attackers quickly.

      http://news.yahoo.com/s/ap/20090709/ap_on_go_ot/us_us_cyber_attack

      Seriously?  I know everyone is trying to get in on the “Cyber Attack” market, but I really thought North Korea would be pretty late to the game.  Ten years ago it seemed like the only place that consistently has power over there was Pyong Yang (the capital city).  The rest of the country was dark at night…  I suppose times have changed.

    • #25443
      dalepearson
      Participant

      Makes a change from blaming China though right?

    • #25444
      UNIX
      Participant

      The time where you could limit knowledge to certain countries has long gone.

    • #25445
      blackazarro
      Participant

      According to a CNN article, Jose Nazario, manager of security research at Arbor Networks in Ann Arbor, Michigan stated that there’s some indication that it came from China.

      There is some indication that the attack comes from China, Nazario said, but he added that he could not be certain of the origin. Even if it is coming from China, it would be difficult to determine whether officials or individual hackers were responsible.

      Link to article:

      http://edition.cnn.com/2009/TECH/07/08/government.hacking/index.html

    • #25446
      former33t
      Participant

      Well, China is always my favorite country to blame.  Due to the lack of sophistication, I don’t think that the attack came from China.

      Also, note to hackers:  DoS’ing government websites over a holiday weekend is not really a DoS at all.  I know the attack extended into the beginning of the week, but still, work on the timing 🙂

    • #25447
      timmedin
      Participant

      Just saw an article where they think the attackers are actually in the UK
      http://alterslash.org/#UK_Not_North_Korea_Is_Source_of_DDoS_Attacks

    • #25448
      UNIX
      Participant

      I already thought that it could be something like a “fake” attack, meaning that a particular country is blamed for something although it was not it’s fault. As China is already heavily under fire it is obvious that other people/ “countries” could try to set up an attack and prepare everything that it looks like the attack was launched from that particular country already in question.

      […] Update: 07/14 21:24 GMT by KD : Wired is reporting that the UK owner of the IP address in question is pointing a finger at a server in Florida, which it says opened a VPN to the UK machine for the attacks. Once again, the attacker could be anywhere.

    • #25449
      Gmoraes
      Participant

      @former33t wrote:

      Well, China is always my favorite country to blame.  Due to the lack of sophistication, I don’t think that the attack came from China.

      Thats a stupid comment. Go read about china!

    • #25450
      Gmoraes
      Participant

      A new study of worldwide technological competitiveness suggests China may soon rival the United States as the principal driver of the world’s economy – a position the U.S. has held since the end of World War II. If that happens, it will mark the first time in nearly a century that two nations have competed for leadership as equals.

      full article:
      http://www.gatech.edu/newsroom/release.html?id=1682

    • #25451
      blackazarro
      Participant

      Now this makes more sense as explained by Gunter Ollmann from Damballa:

      So, let me try to inject some sanity in to all this madness and, in my best Scouser accent, shout “calm down, calm down!”

      While a lot of the analysis is still ongoing – and likely to continue long after the public looses interest – I’ve come to the conclusion that this DDoS attack has very little to do with North Korea and only consipiritory theorists could conclude that this is a state-sponsored kick off to cyber-war. Why not?

        1. The bot agents being used in this attack are ancient. They’re not stealthy, they have limited attack capabilities, they’re detectable by just about every anti-virus product out there (and have been for over half-a-decade), and it makes no sense for any professional to use them – even if they were handed over as a free-be. We’re not even talking about someone taking the cyber-equivalent of arming a few farmers with 40 year-old AK-47’s, it’s more like arming a troupe of girl-scouts with water-balloons and Nerf guns.
        2. The DDoS attacks came from bot victims scattered around the globe – with perhaps the highest concentration in South Korea. As far as I’m aware, there was no noticeable collection of bot agents from North Korea. In fact it even looks like the command and control servers for this botnet weren’t even based in the region – and were most like compromised already.

      For the rest of the explaination refer to the following link:

      http://blog.damballa.com/?p=288

    • #25452
      former33t
      Participant

      Gmoraes,

      The article you posted seems to reaffirm my point.  My point was that the Chinese are not at all prone to do anything this unsophisticated.  They probably have some of the best folks in the business working for them.

      They also have the added benefit of recruiting by force and the motivational factor of no justice system coupled with a history of human rights violations.  That would motivate me to do the job!

Viewing 10 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2021 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?