Home / News

New Analysis Suggests Recent Cyberattacks Against US and South Korea Originated from UK Not N. Korea

Nguyen Minh Duc, senior security director at Bach Khoa Internetwork Security (Bkis), says that the source of recent cyberattack against US and South Korean government websites was not North Korea—as widely reported—but UK. Based on Bkis analysis, a report today by Nguyen Minh Duc says that a master server located in UK was found to control the 8 Command and Control servers responsible for the series of cyberattacks last week.

According to the Koran Times, the Korea Communications Commission (KCC), the country’s broadcasting and telecommunications regulator, has backed Bkis report and that “law enforcement authorities are currently seeking cooperation with the British government to investigate the attack source.”

Related Links:
Korea and US DDoS attacks: The attacking source located in United Kingdom Bkis Security Blog, Jul.14.2009
Source of Cyber Attacks Originated From Britain The Korean Times, Jul.14.2009
UK, not North Korea, source of DDOS attacks, researcher says PC World, Jul.14.2009

By CircleID Reporter

CircleID’s internal staff reporting on news tips and developing stories. Do you have information the professional Internet community should be aware of? Contact us.

Visit Page

Filed Under

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

VINTON CERF
Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Comments

Cut the sensationalism The Famous Brett Watson  –  Jul 14, 2009 9:59 PM

Nobody knows where these attacks originated yet. The UK link is merely another compromised host in the long chain of intermediate systems behind which the real miscreant is hiding. Wired Threat Level is already reporting that the UK host was in turn controlled (via VPN link) by a host in Miami, Florida. You can be quite sure that Miami isn’t the origin, either.

Cut the Political Grandstanding also Glenn Harris  –  Jul 22, 2009 2:16 PM

Here we go again with knee jerk reactions from at least one member of Congress http://www.wired.com/threatlevel/2009/07/show-of-force/

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

Related

Topics

Brand Protection

Sponsored byCSC

IPv4 Markets

Sponsored byIPv4.Global

Threat Intelligence

Sponsored byWhoisXML API

Domain Names

Sponsored byVerisign

Cybersecurity

Sponsored byVerisign