Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

South Korea cyberattacks hold lessons for U.S.

Jaikumar Vijayan | March 21, 2013
It's not the source of an attack that matters, it's how well you are prepared for them.

Many have been quick to point to North Korea as the most likely source of the attacks and have noted that the disruptions could signal a dangerous escalation in tension between the two nations. The attacks, in fact, have prompted South Korea's military to raise its information surveillance status up by one level.

Suspicions about North Korea's role in the attacks have been heightened by the fact that the attacks come just a few days after North Korea suffered a prolonged Internet outage of its own. North Korea blamed the outage on the U.S. and South Korea.

Others have said there's little evidence yet to tie North Korea to the incidents and have pointed to more mundane causes -- such as an attack by cybercriminals looking for some quick publicity -- as a likely reason for the disruptions.

According to Avast, its analysis shows that the code used in the malware is distinctly Chinese and the attacks likely originated in China.

The choice of targets and the fact that North Korea has so far remained silent about the attacks is also noteworthy, said James Lewis, director and senior fellow at the Center for Strategic and International Studies in Washington.

"Usually (North Korea) is not quiet when it launches some kind of attack," Lewis said, And typically, the North Koreans have also tended to attack government targets in South Korea he said. "So, no (government) agencies, no proclamation, it's a bit anomalous," Lewis noted. "The DPRK usually does things for money or for politics; this would seem to get neither."

Lewis stressed that none of this rules out North Korean involvement either.


Previous Page  1  2 

Sign up for CIO Asia eNewsletters.