India Internet News
McAfee report unveils US and South Korea cyber attack secrets
11 July 2011
According to a report released Tuesday by the security firm McAfee, the cyberattacks carried out against US and South Korean military websites in March might have been a test by North Korea or sympathizers.
The McAfee report, 'Ten Days of Rain', states: "We believe this incident... has very clear anti-Korean and anti-US political motivations." According to its findings, "The combination of technical sophistication juxtaposed with relatively limited execution and myopic outcome is analogous to bringing a Lamborghini to a go-cart race. As such, the motivations appear to outweigh the attack, making this truly seem like an exercise to test and observe response capabilities."
McAfee's security researchers also said there is a 95 percent chance that the same culprit was behind both the online assault in March and the cyberattacks on US and South Korean websites on July 4, 2009.
South Korean banking, military and government websites and US forces sites were hit by distributed denial of service (DDoS) attacks on March 4. Such attacks overburden websites with requests, causing them to slow down or become inaccessible.
Georg Wicherski, one of McAfee's security researchers, considers this attack "an armed cyber reconnaissance operation of sorts" aimed at assessing the defences and reaction times of South Korean government and civilian networks. He said, "Knowing that would be invaluable in a possible future armed confrontation on the peninsula, since cyberspace has already become the fifth battlespace dimension, in addition to land, air, sea, and space."
Some virus-infected computers in South Korea, their control usurped, carried out the DDoS attacks by overloading targeted websites with simultaneous requests for pages or information.
According to McAfee, the strategy used in the attacks was more harmful than is generally seen when legions of infected computers are commanded in "botnets" by hackers. The botnet in South Korea was structured to perform DDoS attacks for 10 days and then self-destruct by overwriting or deleting files and code to such an extent that the computers would not boot up.
While the March attacks were ongoing, encryption algorithms were used to mask parts of the malicious code and stymie analysis by defenders.
The McAfee report determined, "This wasn't a surgical strike; it was more like a sledgehammer, as most DDoS attacks are."