July 10, 2009 12:13
A series of cyber attacks continue to rattle South Korea. Following attacks on Tuesday and Wednesday, a website run by the Ministry of Public Administration and Security, Kookmin Bank, Auction, the Chosun Ilbo and other targets were deluged with simultaneous connections using scores of "zombie computers" infected with the virus that triggered system overloads. There is no telling what lies ahead.
The latest attacks appear to have been carefully planned in advance to hit major institutions in the United States and in South Korea. They were timed to take place on America's Independence Day (Sunday Korea time) and targeted the White House and other key U.S. institutions. On Tuesday, the targets expanded to major South Korean institutions representing the country's political, economic and media sectors. On Wednesday, the National Intelligence Service and domestic computer security companies were attacked, impacting efforts to deal with the damage.
The attacks were methodically planned, coordinated by "zombie computers" that had been infected earlier and programmed to launch the attacks simultaneously at a scheduled time. Unlike so-called distributed denial-of-service attacks in the past, there was no main server that ordered the attacks to begin. The virus contained commands on when and which targets to attack so that the zombie computers acted on their own. AhnLab, which analyzed the virus, said, "Not only were the timing and targets preset, the program enabled computers to voluntarily switch targets." This makes it impossible to track the server orchestrating the attacks and block it. It takes more time to deal with the damage and is more difficult to find the perpetrator.
Officials say the attacks merely caused hindrances to Internet connections and did not compromise national secrets. But we cannot let our guard down. Auction, which specializes in e-commerce, was unable to block the attacks even though it recently equipped itself with hardware designed to repel DDos attacks. That is how threatening the attacks are.
The attacks exposed the vulnerability of the Republic of Korea, which boasts one of the world's most advanced IT infrastructures, to cyber attacks. It showed that forces hostile to South Korea could immobilize our economy, national security and society any time they wish. The Korea Communications Commission, the civilian agency charged with electronic security, issued an alert a full six hours after the attacks began and was unable to offer specific responses. It wasn't until Thursday, the third day of the attacks, that the commission began discussing whether to block infected computers to stem the attacks.
There are around 1 million attacks each day by hackers targeting Korean computer systems. The damage has risen 30 percent over the last five years. Yet our view of this threat is dismally unrealistic. The value of the South Korean computer security industry is just 5 percent of Japan's, and 7.5 percent of computers in South Korea do not use vaccine programs at all. This means 2.2 million out of 30 million computers in South Korea remain exposed to the DDos virus.
If prevention is difficult, then responses must at least be quick and decisive. Individuals, private businesses and other institutions have limited resources to deal with cyber terrorism. The government needs to invest in computer security companies, and the National Assembly must waste no time and pass regulations to boost our national readiness for such attacks.
- Copyright © Chosunilbo & Chosun.com