At least 35 government and commercial Web sites in South Korea and the United States came under major attack over the past several days, fueling suspicions of involvement by North Korea or its sympathizers.
In the United States, the attacks targeted Web sites operated by major government agencies, including the departments of Homeland Security and Defense, the Federal Aviation Administration and the Federal Trade Commission, according to several computer security researchers. The Washington Post’s site was also affected.
South Korea’s main spy agency, the National Intelligence Service, said in a statement that it believed the attack was carried out “at the level of a certain organization or state,” but did not elaborate. The South Korean news agency Yonhap reported that intelligence officials had told South Korean lawmakers that North Korea or its sympathizers were prime suspects in the attacks. A spokesman for the intelligence service said it could not confirm the report.
The attacks were described as a “distributed denial of service,” a relatively unsophisticated form of hacking in which personal computers are commanded to overwhelm certain Web sites with a blizzard of data. The effort did not involve the theft of sensitive information or the disabling of crucial operational systems, government and security experts said. But they said it was widespread, resilient and aimed at both U.S. and South Korean government Web sites.
South Korea is one of the world’s most wired countries, with broadband access in more than 90 percent of homes and Internet data-transfer speeds that are much faster than in most of the United States. Earlier this year, a number of South Korean news organizations reported that North Korea was running a cyber-warfare unit that targets military computer networks in South Korea and the United States.
Experts, however, cautioned against implicating North Korea too soon.
“In the dozens of instances that I worked over the past decade, I cannot recall a single instance in which someone intending to attack came from the source it appeared to have come from,” said Dale W. Meyerrose, former chief information officer for the Office of the Director of National Intelligence. “Most attackers in cyberspace try to mask who they really are.”