Go to Contents Go to Navigation

(3rd LD) S. Korean Web sites suffer DDoS attack

All Headlines 15:20 March 04, 2011

(ATTN: UPDATES with launch of police probe in last four paras; ADDS photo)

SEOUL, March 4 (Yonhap) -- Malicious computer codes attacked the Web sites of South Korea's presidential office and other major institutions on Friday, shutting down some of them temporarily, industry sources said.

The presidential office Cheong Wa Dae, the Ministry of Foreign Affairs and Trade, and top lender Kookmin Bank were among 29 institutions whose Web sites were hit by the so-called distributed denial-of-service (DDoS) attack that started from 10 a.m., AhnLab Inc. said in a statement.

Additional attacks are expected to begin at 6:30 p.m., targeting some 40 government and corporations' Web sites, said AhnLab, South Korea's top computer security company.

South Korea raised the cyber alert level following the DDoS attack, which disables access to servers and harms PC's hard drives. The country's telecommunications regulator Korea Communications Commission issued the third-highest alert.

The Web page of the Financial Services Commission, the country's financial regulator, was briefly overloaded in the morning and an online stock trading system of a local brokerage was shut down for several minutes by the assault, officials said. They have recovered operation and no other damage was reported.

The presidential office confirmed the attack.

"There was a DDoS attack, but no damage was done," said a Cheong Wa Dae official.

The latest DDoS attack bears resemblance to the cyber attack that targeted 23 local Web sites in July 2009, AhnLab added.

Attackers hacked two domestic peer-to-peer file sharing Web sites on Thursday evening and planted malicious codes in files, which were downloaded onto PCs and triggered massive cyber assaults, the company said.

AhnLab and government officials estimated between 4,300 and 11,000 personal computers were infected by malware that causes DDoS. The security company is distributing free software for treatment.

The latest DDoS attack also targeted the Web sites of the unification ministry, the defense ministry, the National Assembly, the military headquarters, the U.S. Forces in Korea, major local lenders, securities companies, Internet portals and other government agencies.

Later Friday, the National Police Agency (NPA) said it had launched a probe to trace the origin of the denial of service attack.

"We have sent investigators to two companies operating file-sharing sites that were used to spread malicious codes to zombie computers this morning," an official at the NPA's Cyber Terror Response Center said, noting the two were located in Seoul and the southern port city of Busan, respectively.

Zombie computers refer to those contaminated with a virus.

The cyber investigation unit also dispatched inspectors to secure related documents and is tracking down IP addresses used for the DDoS attack, officials said.


Send Feedback
How can we improve?
Thanks for your feedback!