DDoS attacks hit U.S., South Korean government websites

By Robert Westervelt, News Editor 08 Jul 2009 | SearchSecurity.com

Security Wire Daily News Digg This!     StumbleUpon     Del.icio.us

Security researchers and government IT personnel are investigating a series of distributed denial-of-service (DDoS) attacks wreaking havoc on U.S. and South Korean government websites.

SearchSecurity.com: To get security news and tips delivered to your inbox, click here to sign up for our free newsletter.

According to security researchers, the attacks began last weekend and were responsible for taking out the websites hosting the Federal Trade Commission and Department of Transportation, among others. A spokeswoman for the FTC did not return a phone call seeking comment.

PandaLabs, the research arm of antivirus vendor Panda Security, issued a list of websites affected by the attacks. PandaLabs technical director, Luis Corrons, said the malware involved in the attack has been detected as Mydoom.HN.

The mass-mailing worm began spreading in 2004 and quickly became substantial. At its peak, Mydoom was detected in one in 12 email messages.

The DDoS attacks appear to be originating from South Korean computers. According to news reports, South Korean officials are experiencing similar problems with the government's websites.

The attacks have been widespread and relatively unsophisticated, affecting other government websites at times as well as several sites connected to financial firms, according to security researchers who describe the attacks primarily a nuisance.

Rick Howard, director of security intelligence, at VeriSign iDefense called the attacks "run of the mill" and said security researchers believe the delivery mechanism used to create the botnet behind the attacks, was a simple spam campaign. Researchers are still trying to determine for certain if there is a command and control server behind the botnet.

"We believe this attack is nothing more than standard using old Mydoom code from 2004," Howard said. "That's what is hitting on antivirus engines right now."

Security researchers are also trying to figure out why the attacker has chosen certain websites over others. Other than some financial firms, the Washington Post is the only other organization affected by the attack.

"We don't know if it is North Korea, someone mad at the Washington Post or just a disgruntled hacker," Howard said. "We may never know."

Tags: Denial of Service (DoS) Attack Prevention,  Emerging Information Security Threats,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Denial of Service (DoS) Attack Prevention VeriSign extends DDoS attack protection service Conficker authors prepping for next stage, researcher says Latest DDoS attacks extremely unsophisticated, experts say How to prevent a denial-of-service (DoS) attack I'll be watching you: Wireless IPS How to prevent DDoS attacks on websites How to prevent network denial-of-service attacks What are 'phlashing' attacks? Could someone place a rootkit on an internal network through a router? Black Hat 2007: Estonian attacks were a cyber riot, not warfare Denial of Service (DoS) Attack Prevention Research Emerging Information Security Threats Modern malware, stealthy botnets, adapt quickly, expert says New ransomware Trojan pushes victims to buy software Bruce Schneier on outsourcing, awareness training US-CERT warns of BlackBerry snooping software Marcus Ranum on cyberwarfare, infosec careers Researchers find thousands of flawed embedded devices Enterprise botnets contain thousands of malware variants Nuke and pave to eradicate botnets Rand study urges caution on cyberwarfare attacks Hathaway joins Harvard to contribute to DOD project

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary Electrohippies Collective  (SearchSecurity.com) packet monkey  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary