North Korea or unidentified forces aligned with the communist nation may be preparing for full-fledged cyber-terrorism against South Korea or the United States, based on its “test” attacks in 2009 and earlier this year, a U.S. Internet security firm said yesterday.
In a special report, McAfee Inc. said North Korea or its “sympathizers” seem to have been responsible for the distributed denial-of-service (DDoS) assault against about 40 South Korean government and civilian Web sites that started March 4.
The networks of the presidential office, Cheong Wa Dae, the National Intelligence Agency, the Foreign Ministry and U.S. Forces Korea were targeted in the attack, which was programmed to last 10 days. No serious damage was made public.
The California-based company, affiliated with Intel Corp., tracked the source and pattern of the DDoS activity, which it called “Ten Days of Rain,” and conducted a technical analysis.
“These attacks very closely resemble DDoS attacks that began on July 4 2009, Independence Day in the U.S. The 2009 attacks used a botnet of more than 150,000 machines predominantly concentrated in South Korea,” it said.
“Based on the similarities between the 2011 and 2009 attacks, we believe that there is strong, although circumstantial, evidence to conclude that both attacks had originated from the same adversary,” it added.
South Korea’s prosecutors earlier announced that North Korean hackers were behind the March DDos attack.
McAfee said it was only an exercise.
“The motivations appear to outweigh the attack, making this truly seem like an exercise to test and observe response capabilities,” it said, “This may have been a test of South Korea’s preparedness to mitigate cyberattacks, possibly by North Korea or their sympathizers.”
The company said, however, it did not find decisive evidence that links the March attacks to North Korea.
via Yonhap News