| |
SEOUL: South Korea's intelligence agency warned Thursday of a possible third wave of cyber assaults, after naming North Korea as a suspect in earlier attacks that briefly crippled local and US websites.
The White House, State Department and Pentagon websites were among those targeted in the initial attack, US experts said separately.
Seoul's National Intelligence Service said it was working with the United States and other countries to track the origin of the hacking programme that hit 12 South Korean and 14 US organisations early this week.
It said in a statement a second wave of attacks Wednesday was aimed at domestic banks and a security solution provider.
"For fear of a third round of attacks which may target infrastructure such as energy and telecommunication facilities as well as news media, the NIS is stepping up security controls on online systems."
The NIS, which was itself reportedly targeted, said it has urgently distributed "vaccine" programmes to 10 security solution providers.
Its statement did not suggest the source of the "distributed denial of service" (DDoS) viruses, which invade thousands of personal computers and are programmed to swamp selected websites.
But Park Jie-Won, a member of parliament's intelligence committee, said the NIS told members Wednesday it believed the North or its sympathisers was to blame.
"The NIS claimed the attack was presumed to have been staged by North Korea or followers, without presenting evidence," Park, from the opposition party, told AFP.
The communist state has staged a nuclear test and numerous missile launches in recent weeks, raising regional tensions. A cyber attack, if confirmed, would be a new tactic.
"If the North carries out a large-scale DDoS attack, it would cause interruptions in various Internet services," Yonhap news agency quoted a NIS report to the committee as saying.
The intelligence agency forecast potential "financial chaos" since the total daily value of all online transactions in South Korea stands at six trillion won (4.7 billion dollars).
South Korea is one of the world's most wired nations.
In its statement Thursday the intelligence service said the official networks of the Seoul government, which were separated from the Internet in March, are safe and no information has been leaked.
The government's Korea Information Security Agency said most sites had been restored after the first attacks began in Korea Tuesday evening -- using 12,000 domestic PCs and 8,000 abroad.
However it said a second round was hitting one foreign site and 15 domestic sites, including government agencies and banks and a security solution provider.
It said 29,000 PCs had been hijacked for the second wave.
Yonhap said victims included the US-South Korea Combined Forces Command whose server is based in the United States, the National Intelligence Service and South Korea's top security solution provider AhnLab.
The news agency said the second wave also hit four major banks, causing interruptions in Internet banking late Wednesday.
AhnLab predicted a third DDoS attack would start at 6 pm (0900 GMT) against seven domestic sites.
In Washington the Department of Homeland Security confirmed US government and private websites came under attack but declined to identify any of them.
"It was a pretty massive attack," Johannes Ullrich, chief technology officer for the private SANS Internet Storm Center, said of the assault, which began in the United States last weekend.
He said government sites which were hit included the White House, Department of Homeland Security, Department of Transportation, Federal Aviation Administration, National Security Agency, State Department, US Postal Service, US Treasury Department and Voice of America.
A Pentagon site was also targeted, he said, as was that for US forces in South Korea.
- AFP/yt
|
