July 9, 2009 at 12:40 am #3984
U.S. authorities on Wednesday eyed North Korea as the origin of the widespread cyber attack that overwhelmed government Web sites in the United States and South Korea, although they warned it would be difficult to definitively identify the attackers quickly.
Seriously? I know everyone is trying to get in on the “Cyber Attack” market, but I really thought North Korea would be pretty late to the game. Ten years ago it seemed like the only place that consistently has power over there was Pyong Yang (the capital city). The rest of the country was dark at night… I suppose times have changed.
July 9, 2009 at 7:45 am #25443dalepearsonParticipant
Makes a change from blaming China though right?
July 9, 2009 at 7:49 am #25444UNIXParticipant
The time where you could limit knowledge to certain countries has long gone.
July 9, 2009 at 2:36 pm #25445blackazarroParticipant
According to a CNN article, Jose Nazario, manager of security research at Arbor Networks in Ann Arbor, Michigan stated that there’s some indication that it came from China.
There is some indication that the attack comes from China, Nazario said, but he added that he could not be certain of the origin. Even if it is coming from China, it would be difficult to determine whether officials or individual hackers were responsible.
Link to article:
July 10, 2009 at 12:42 am #25446
Well, China is always my favorite country to blame. Due to the lack of sophistication, I don’t think that the attack came from China.
Also, note to hackers: DoS’ing government websites over a holiday weekend is not really a DoS at all. I know the attack extended into the beginning of the week, but still, work on the timing 🙂
July 14, 2009 at 10:48 pm #25447timmedinParticipant
Just saw an article where they think the attackers are actually in the UK
July 15, 2009 at 5:56 am #25448UNIXParticipant
I already thought that it could be something like a “fake” attack, meaning that a particular country is blamed for something although it was not it’s fault. As China is already heavily under fire it is obvious that other people/ “countries” could try to set up an attack and prepare everything that it looks like the attack was launched from that particular country already in question.
[…] Update: 07/14 21:24 GMT by KD : Wired is reporting that the UK owner of the IP address in question is pointing a finger at a server in Florida, which it says opened a VPN to the UK machine for the attacks. Once again, the attacker could be anywhere.
July 16, 2009 at 3:39 pm #25449
July 16, 2009 at 4:42 pm #25450GmoraesParticipant
A new study of worldwide technological competitiveness suggests China may soon rival the United States as the principal driver of the world’s economy – a position the U.S. has held since the end of World War II. If that happens, it will mark the first time in nearly a century that two nations have competed for leadership as equals.
July 16, 2009 at 8:03 pm #25451blackazarroParticipant
Now this makes more sense as explained by Gunter Ollmann from Damballa:
So, let me try to inject some sanity in to all this madness and, in my best Scouser accent, shout “calm down, calm down!”
While a lot of the analysis is still ongoing – and likely to continue long after the public looses interest – I’ve come to the conclusion that this DDoS attack has very little to do with North Korea and only consipiritory theorists could conclude that this is a state-sponsored kick off to cyber-war. Why not?
1. The bot agents being used in this attack are ancient. They’re not stealthy, they have limited attack capabilities, they’re detectable by just about every anti-virus product out there (and have been for over half-a-decade), and it makes no sense for any professional to use them – even if they were handed over as a free-be. We’re not even talking about someone taking the cyber-equivalent of arming a few farmers with 40 year-old AK-47’s, it’s more like arming a troupe of girl-scouts with water-balloons and Nerf guns.
2. The DDoS attacks came from bot victims scattered around the globe – with perhaps the highest concentration in South Korea. As far as I’m aware, there was no noticeable collection of bot agents from North Korea. In fact it even looks like the command and control servers for this botnet weren’t even based in the region – and were most like compromised already.
For the rest of the explaination refer to the following link:
July 17, 2009 at 12:02 am #25452
The article you posted seems to reaffirm my point. My point was that the Chinese are not at all prone to do anything this unsophisticated. They probably have some of the best folks in the business working for them.
They also have the added benefit of recruiting by force and the motivational factor of no justice system coupled with a history of human rights violations. That would motivate me to do the job!
- You must be logged in to reply to this topic.