July 15, 2009 12:15
The source of a crippling cyber attack targeting Cheong Wa Dae and other key websites in South Korea and the United States was a computer in the U.K., analysis shows.
Although it remains unclear exactly who was behind the distributed denial of service attacks, they were orchestrated from a master server with an IP address in England. The Korea Communications Commission said Tuesday Vietnamese computer security company Bach Khoa Internetwork Security told the Korea Information Security Agency that the master server behind the attacks was located in the U.K.
After the DDoS attacks began, KISA had sent samples of the computer virus to 16 member nations of the Asia Pacific Computer Emergency Response Team, which includes Vietnam. The KCC then passed on the information to the National Intelligence Service, state prosecutors and the police, while an international investigation has been launched.
British authorities are said to have been notified and have launched a probe of the server using that IP address.
KISA speculates that the master server, which uses a Windows 2003 operating system, spread the virus through 125 host websites across the world. Damage was reported in 166,000 computers in 74 countries, including South Korea, the U.S., China, Japan, Canada, New Zealand and the U.K. In South Korea alone, around 78,000 computers were infected.
Hwang Chul-jeung, the head of network policy at the KCC, said, "Either the server in England had been hijacked or another master server may have been used."
- Copyright © Chosunilbo & Chosun.com