chrisomar400
Jul 9th, 2009, 09:57 AM
http://*******************/images/free_hosting/large/0180-0907-0903-5242_capt.photo_1247074882229-2-0.jpg (http://*******************)
Wed Jul 8, 5:51 PM ET
Around a dozen US government websites, including those of the White House and the Pentagon, were targeted in a coordinated cyberattack which also struck sites in South Korea, computer security experts said Wednesday.
The Department of Homeland Security confirmed that US government and private sector websites had come under so-called "distributed denial of service" (DDoS) attack but declined to identify any of the targeted sites.
A denial of service attack attempts to paralyze a website by flooding it with traffic from an army of malware-infected computers known as a "botnet."
"It was a pretty massive attack," Johannes Ullrich, chief technology officer for the private SANS Internet Storm Center, said of the Internet assault which began over the weekend.
"Nothing really terribly sophisticated. It just floods the websites," he told AFP. "It prevents the websites from responding. They're just overloaded with traffic."
"The only site that was hit pretty bad was the Federal Trade Commission, ftc.gov," he said.
Ullrich said US government sites which came under attack included the White House, Department of Homeland Security, Department of Transportation, Federal Aviation Administration, National Security Agency, State Department, US Postal Service, US Treasury Department and Voice of America.
A Pentagon site, defenselink.mil, was also targeted, he said, as was a site for US forces in South Korea.
Commander Jeffrey Gordon, a Department of Defense (DoD) spokesman declined to confirm the attacks, but said "we continue to protect networks and remain vigilant, as we routinely do.
"In the interest of security, we don't discuss specific operations," he said. "There are millions of scans (not intrusion attempts, just scans) of the DoD Global Information Grid per day and we defend in depth every day.
"There has been no impact on Defense Department operations," he said.
South Korean lawmakers were quoted as saying Wednesday that South Korea's intelligence service believes North Korea or its sympathizers may have staged the attack.
"This is not a simple attack by individuals. The attack appeared to have been elaborately prepared and staged by a certain organization or state," Seoul's National Intelligence Service (NIS) said in a statement.
The NIS said US authorities were cooperating to track down those responsible for hijacking 12,000 personal computers in South Korea and 8,000 abroad which were exploited as vehicles for the attacks.
The Department of Homeland Security confirmed the attacks but stressed that cyberattacks on US government websites were a daily occurrence and declined to identify any specific targeted sites.
"The Department of Homeland Security is aware of the DDoS attacks on federal and private sector public-facing websites and as of last night, all federal websites were back up and running," the department said in a statement.
It said its US-Computer Emergency Response Team (US-CERT) advised federal departments and agencies and partner organizations of "steps to take to help mitigate against such attacks.
"We see attacks on federal networks every single day, and measures in place have minimized the impact to federal websites," the department said.
Ullrich said private sector sites which came under attack included the New York Stock Exchange (NYSE), the NASDAQ, Yahoo!, online retail giant Amazon and The Washington Post.
The NYSE confirmed in a statement that nyse.com had come under attack but said it "has not experienced any impact."
"It is important to note that such an attack has not and could not impact the trading and data systems of NYSE Euronext markets, which operate on private networks," it said.
Other private computer security firms also confirmed that US government and private sector websites had come under attack, but declined to discuss the attacks on the record because of the sensitivity of the subject.
http://*******************/images/free_hosting/large/0180-0907-0903-5335_afp_logo_51.png (http://*******************)
http://*******************/images/free_hosting/large/0180-0907-0903-5407_line.gif (http://*******************)
Wed Jul 8, 5:51 PM ET
Around a dozen US government websites, including those of the White House and the Pentagon, were targeted in a coordinated cyberattack which also struck sites in South Korea, computer security experts said Wednesday.
The Department of Homeland Security confirmed that US government and private sector websites had come under so-called "distributed denial of service" (DDoS) attack but declined to identify any of the targeted sites.
A denial of service attack attempts to paralyze a website by flooding it with traffic from an army of malware-infected computers known as a "botnet."
"It was a pretty massive attack," Johannes Ullrich, chief technology officer for the private SANS Internet Storm Center, said of the Internet assault which began over the weekend.
"Nothing really terribly sophisticated. It just floods the websites," he told AFP. "It prevents the websites from responding. They're just overloaded with traffic."
"The only site that was hit pretty bad was the Federal Trade Commission, ftc.gov," he said.
Ullrich said US government sites which came under attack included the White House, Department of Homeland Security, Department of Transportation, Federal Aviation Administration, National Security Agency, State Department, US Postal Service, US Treasury Department and Voice of America.
A Pentagon site, defenselink.mil, was also targeted, he said, as was a site for US forces in South Korea.
Commander Jeffrey Gordon, a Department of Defense (DoD) spokesman declined to confirm the attacks, but said "we continue to protect networks and remain vigilant, as we routinely do.
"In the interest of security, we don't discuss specific operations," he said. "There are millions of scans (not intrusion attempts, just scans) of the DoD Global Information Grid per day and we defend in depth every day.
"There has been no impact on Defense Department operations," he said.
South Korean lawmakers were quoted as saying Wednesday that South Korea's intelligence service believes North Korea or its sympathizers may have staged the attack.
"This is not a simple attack by individuals. The attack appeared to have been elaborately prepared and staged by a certain organization or state," Seoul's National Intelligence Service (NIS) said in a statement.
The NIS said US authorities were cooperating to track down those responsible for hijacking 12,000 personal computers in South Korea and 8,000 abroad which were exploited as vehicles for the attacks.
The Department of Homeland Security confirmed the attacks but stressed that cyberattacks on US government websites were a daily occurrence and declined to identify any specific targeted sites.
"The Department of Homeland Security is aware of the DDoS attacks on federal and private sector public-facing websites and as of last night, all federal websites were back up and running," the department said in a statement.
It said its US-Computer Emergency Response Team (US-CERT) advised federal departments and agencies and partner organizations of "steps to take to help mitigate against such attacks.
"We see attacks on federal networks every single day, and measures in place have minimized the impact to federal websites," the department said.
Ullrich said private sector sites which came under attack included the New York Stock Exchange (NYSE), the NASDAQ, Yahoo!, online retail giant Amazon and The Washington Post.
The NYSE confirmed in a statement that nyse.com had come under attack but said it "has not experienced any impact."
"It is important to note that such an attack has not and could not impact the trading and data systems of NYSE Euronext markets, which operate on private networks," it said.
Other private computer security firms also confirmed that US government and private sector websites had come under attack, but declined to discuss the attacks on the record because of the sensitivity of the subject.
http://*******************/images/free_hosting/large/0180-0907-0903-5335_afp_logo_51.png (http://*******************)
http://*******************/images/free_hosting/large/0180-0907-0903-5407_line.gif (http://*******************)