Cyber attacks last week that crippled major US and South Korean websites originated from a master server in Britain, a major Vietnamese computer security centre said on Wednesday.
South Korean and US government and private websites were last week hit by waves of “distributed denial of service” (DDos) attacks designed to swamp selected sites with traffic.
Officials in Seoul said the attacks may have originated in North Korea and that 166,000 “zombie” computers in 74 countries were involved.
And the Bach Khoa Internetwork Security (Bkis) in Vietnam said the master computer was in Britain.
“Most important of all, we could locate the master server that controls all the hacking, located in the UK,” said Nguyen Minh Duc, senior security researcher for
“Ours is the first report on the location of the master server.”The Bkis centre is part of is part of the Hanoi University of Technology and of a regional internet security group, the Asia-Pacific Computer Emergency Response Team.
“Ours is the first report on the location of the master server.”The Bkis centre is part of is part of the Hanoi University of Technology and of a regional internet security group, the Asia-Pacific Computer Emergency Response Team.
Duc told AFP the international investigation had reached a dead-end because the hacker had concealed their identity on infected computers.
However, he said: “Our discovery provides information for authorities to find out the culprit behind the attack.... Our finding helps point out that the hacker might be located anywhere in the world, conducted by anyone, not just North Korea.”Seoul's National Intelligence Service earlier said North Korea was a prime suspect in the attacks, which briefly crippled major government and commercial websites in the United States and South Korea.
Commenting in Seoul on the Vietnamese findings, Park Cheol-Soon, a network protection team leader of the government-run Korea Communications Commission, said the British server “appears to have controlled compromised handler servers” that spread viruses.
“However, it needs more investigation to confirm whether this server was the final attacker server or not,” he told AFP.
“However, it needs more investigation to confirm whether this server was the final attacker server or not,” he told AFP.
Park stressed that the apparent discovery of a master server in Britain did not mean North Korea could not be held responsible.
The DDos attacks involved sending multiple requests for website access from tens of thousands of “zombie” computers so the sites became overloaded.
The computers that were used to send the flood of requests had been infected with a virus that allowed attackers to control them anonymously.
The Korea Communications Commission on Monday downgraded its alert against the cyber attacks, saying they were “fizzling out” and most targeted sites had normal traffic restored.
North Korea has staged a nuclear test and numerous missile launches in recent weeks, raising regional tensions. But a cyber attack, if confirmed, would be a new tactic.
The Korea Communications Commission on Monday downgraded its alert against the cyber attacks, saying they were “fizzling out” and most targeted sites had normal traffic restored.
North Korea has staged a nuclear test and numerous missile launches in recent weeks, raising regional tensions. But a cyber attack, if confirmed, would be a new tactic.
Duc said latest reports that Bkis received from KrCERT, the Korean Computer Emergency Response Team, and its US counterpart, USCERT, said those two agencies had worked with UK authorities to approach the master server.
On a separate company blog Duc wrote that, having located the British source for the attacks, “We believe that it is completely possible to find out the hacker.”But Hong Min-Pyo, president of security solution provider Shiftworks, told AFP it was technically impossible to trace who initiated the attacks.
Shiftworks has also tracked down a server in New Jersey that was believed to have been spreading the so-called “malware”, he said. “DDos attacks are designed to hide the attackers.”
Comments
Post a Comment