Cyber attacks on S. Korea set to enter new phase

SEOUL, July 10 (Yonhap) -- South Korea came under cyber attacks for a third
consecutive day between Thursday evening and early Friday morning and the
unprecedented hacking incident is set to enter a new phase as tens of thousands
of virus-contaminated personal computers appear automatically programmed to
destroy their own stored data starting Friday, government and industry officials
warned.

The Korea Communications Commission (KCC) said it has been notified by computer
vaccine company Ahn Lab that the so-called "distributed denial-of-service" (DDoS)
virus, which is responsible for initiating the ongoing cyberspace war in South
Korea, was set to destroy at least 20,000 contaminated PCs across the nation.
DDoS attacks refer to a situation in which a multitude of infected computers
attack a single target, thereby causing denial of service for legitimate users of
the compromised site.
In a related development, government agencies and private network security firms
said they have identified and closed four overseas-based intermediate hosts
suspected of participating in the latest wave of DDoS attacks on key South Korean
Web sites this week.
The agencies and private firms also said they would continue to track down the
virus contamination route amid suspicions that North Korea may be behind the
recent wave of Web site outages.
On Thursday evening, at least seven Web sites operated by government and media
organizations, including Kookmin Bank, the Ministry of Public Administration and
Security's electronic government site, the mass-circulation Chosun Ilbo and
leading portal Naver, reported access delays or failures starting around 6 p.m.
Several Seoul-based portal sites also reported that their mail services underwent
temporary access disruptions, apparently due to the DDoS attack.
Kookmin Bank, a leading state-funded lender, said it was forced to shut down its
Internet banking site for about 30 minutes until 6:30 p.m. after the site came
under the DDoS attack from unidentified hackers.
"A third round of cyber attacks was begun Thursday evening, but the nation
averted the crisis without much confusion thanks to sufficient advance
preparations," said an official at the state-run Korea Information Security
Agency. "The government will continue to work to minimize damage from the latest
cyber attack through closer cooperation with relevant institutions and
companies."
The KCC also briskly moved to contain damage to key government Web sites and
asked the nation's key Internet service providers to restrict Internet access by
personal computers contaminated by viruses.
Kim Hong-sun, chief executive of Ahn Lab, said it was difficult for now to
forecast how long the cyber attack will persist.
"There is no clear information on the pattern and timing of further cyber
attacks. It is difficult to precisely predict the outlook," said Kim.
Beginning Tuesday, the DDoS attacks overwhelmed major Web sites in South Korea
and the United States, virtually taking them off-line. Unidentified hackers began
their initial attacks at 6 p.m. Tuesday, blocking Internet users from accessing
26 Web sites, including the official site of South Korea's presidential office,
Cheong Wa Dae, and 14 government and private Web sites in the U.S. The
unidentified hackers staged their second cyber attack on Wednesday evening.
ycm@yna.co.kr
(END)