Online Attack Hits US Government Web Sites 199
angry tapir writes "A botnet composed of about 50,000 infected computers has been waging a war against US government Web sites and causing headaches for businesses in the US and South Korea. The attack started Saturday, and security experts have credited it with knocking the Federal Trade Commission's (FTC's) web site offline for parts of Monday and Tuesday. Several other government Web sites have also been targeted, including the Department of Transportation."
Internet Sovereignty (Score:4, Interesting)
I can totally see a situation where a US gov't website or economic hub (e.g. stock exchange servers) would get hit by a series of computers based out of N. Korea, the US declares war on N. Korea for violating US internet sovereignty, and the whole thing was a setup by a third party looking to create and exploit a power vacuum.
Maybe I've been reading too many NetForce novels, but the whole idea scares me, and I have the feeling that most people in America wouldn't understand why... particularly the people who make the laws about this kind of thing.
Re:Internet Sovereignty (Score:4, Interesting)
I'm just curious when or if rules are going to be put up about Internet sovereignty, so that an attack on a website is seen as an act of war. I can totally see a situation where a US gov't website or economic hub (e.g. stock exchange servers) would get hit by a series of computers based out of N. Korea, the US declares war on N. Korea for violating US internet sovereignty, and the whole thing was a setup by a third party looking to create and exploit a power vacuum. Maybe I've been reading too many NetForce novels, but the whole idea scares me, and I have the feeling that most people in America wouldn't understand why... particularly the people who make the laws about this kind of thing.
What stops people doing that is the same thing that stops them doing it in the physical world. People have been trying to frame others for military attacks since the dawn of human history and the main deterrant is that if it backfires not only will the government become destabilized from within as people oppose the subterfuge but both involved nations with pile on it simultaneously.
Not to mention, even if they succeed, it will come back to haunt them at some later point after their intervention is discovered.
Re: (Score:2)
except that the reichstag fire worked, the gulf of tonkin worked, many others worked.
They do work, otherwise people would never do it. However when your country stands to suffer from the fallout, the risk/reward balance is heavily skewed. If it is a third party, eventually they will be found out. If they had succeeded in starting a war, the fallout would be crushing.
Re: (Score:2)
That's actually an interesting brain teaser. On so many levels.
First, nothing's more trivial than to frame someone in such an attack. The computers participating are usually bots, the server is often a hacked box as well (and if not, you can rent one for little money), it's nothing you could easily trace to the source.
Second, will people understand why they should fight and possibly die for a virtual attack, people who don't use a computer and don't know the importance of the internet to modern commerce and
Re: (Score:2)
I could see it going fully virtual. N. Korea attacks .gov servers, you get a notice from the DoD that your computer has been drafted to fight in the war, slamming N.Korea's routers with a DDOS.
Next they hit the middle schools offering various awards to the kiddez who hack N. Korean websites.
Re:Internet Sovereignty (Score:4, Insightful)
If China gave us clearance to attack North Korea, I would hope that we would start by blowing up the government (using air power). I think the people would get the idea pretty quickly, so I'm not sure a deadly ground war would follow.
Yes, because that worked so well in Iraq [wikipedia.org].
Re: (Score:2, Insightful)
Re: (Score:2)
The lesson is clear, knock it down from afar, but don't try to take it over. Just knock it down and leave it.
Later, if the people ask for external aid, by all means answer, but if not, stay out.
Re: (Score:2)
Yeah, bombing the shit out of towns and people sure made them surrender. It worked like a dream in WW1, WW2, Vietnam, Iraq...
It seems once we notice something doesn't really work, we do it again and again in the hope that sometime, somehow, it just might.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Not in the long run, at least not in Europe. A bit less stupidity and a bit more luck on the Axis side would have meant a longer war, but the outcome would have been the same. You can't wage a high-tech war (and for the time it was a symmetrical high tech war) when you're low on key resources like oil and metal (other than iron).
Re: (Score:2)
As I understand the problem, the North Koreans' response to any attack would be the large scale shelling of U.S. and Korean targets in South Korea with their widely distributed massive overkill conventional heavy artillery. Of course some of these emplacements are in populated areas. They'd probably lob a nuke too but it might not even work. The artillery is the problem. It's hard to knock down a ballistic high-explosive shell. (read effectively impossible) The only way to stop them would be a mad bombi
Who Cares? (Score:5, Insightful)
I'm sorry, but if this has nothing to do with Michael Jackson, apparently no one cares.
Re: (Score:3, Funny)
US Government websites attacked... (Score:5, Funny)
Re: (Score:2, Insightful)
I blame Blizzard (Score:3, Funny)
How do you know they went down? (Score:5, Insightful)
Now if google [google.com], wiki [wikipedia.org], or itunes [apple.com] goes down, then PANIC!
Re: (Score:2)
Lots of people go to ftc.gov -- its traffic rank is around 10,000...
Re: (Score:3, Informative)
ftc.gov? Nobody goes to those sites...
I do. It's the home of the National Do Not Call Registry. www.donotcall.gov.
Also notice that registrations there no longer expire every 5 years!
Re: (Score:3, Informative)
Honestly, when was the last time you went to ftc.gov?
I send people here [ftc.gov] all the time to point out credit card misconceptions.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Actually, in the best tradition of the "dog at midnight" (http://en.wikipedia.org/wiki/Silver_Blaze), what's most significant are the sites that are NOT reporting problems, including *.mil, dhs.gov and state.gov. Thus it seems to me that some parts of government have much better/more hardened infrastructures than others.
A couple of posts below this "Pull the Gdamn plug!" and some of the responses, lay down thoughts on shutting down DDOS attacks.
My first thought was "OK, was this attack targeted to anything
Pull the Gdamn plug! (Score:4, Informative)
All that is required is to pull the damn plug on these bots. Each of these machines has and IP address which it advertises every time it makes an attack. That's right folks: The return IP address is part of the header. You can't route packets without this information.
These feral packets _ALSO_ come into the ISP's routers. It is easy to identify them. Uninfected machines don't normally sit there and hammer away at port Blah. Some of the worst ports are 80 (html), 25 (mail) and 22 (SSH).
One really needs to only look at the ports that the botnet tries to exploit.
A simple solution is to pull the plug. A solution which is slightly more difficult is to block the ports the botnet is trying to attack on and then redirect any web access to a banner page advising the owner their machine is cracked and what to do about it... or a tech could phone the client.
_any_ ISP can do this. If they don't do it then they don't want to. As for consumer rights - crap! Its the ISP's which write the Terms of Service. They can put pretty much any terms they want providing said terms are considered reasonable. The public will probably not object. Spammers might however but then who cares if they can't find an uplink.
So the first place to start is at the ISP level.
Next: I've blocked botnets of more than 50,000 machines. I use OpenBSD on the webservers and on the firewalls. Its not that hard to do. Pf can easily handle this. If the server admins over at the "US Government Web Sites" can't handle this then IMHO they are incompetent. If reference, here is an example of how to block these bots in PF:
pfctl -t spammers -T add 190.174.220.241
pfctl -t spammers -T add 67.10.200.220
pfctl -t spammers -T add 125.161.37.199
pfctl -t spammers -T add 71.218.209.198
pfctl -t spammers -T add 202.28.120.19
This is a shell script BTW. extracting the list of bots can be done by scanning the appropriate logs.
Re:Pull the Gdamn plug! (Score:4, Insightful)
Although this might help against some types of denial of service attempt where they're making your machine work harder by servicing what look to be legitimate requests, it does not help against attempts at network saturation from incoming packets unless you can block it at the upstream router.
Re: (Score:3, Insightful)
unless you can block it at the upstream router.
Yes - we need to block at the upstream router. This is why the ISP who connects the bot to the net has to become proactive and stop burying their collective heads in the sand.
We all know who these ISP's are too. They tend to be the big boys.
The thing is that they can even write into their terms of service that the customer _agrees_ to a reasonable fee to correct zombie machines. Then they can make money on the "service" they provide.
OTOH... let me advise o
Re:Pull the Gdamn plug! (Score:5, Informative)
Each of these machines has and IP address which it advertises every time it makes an attack. That's right folks: The return IP address is part of the header. You can't route packets without this information.
Not necessarily. For SYN flood [wikipedia.org] the src address can be spoofed, since the attacker doesn't care if he gets the SYN-ACK.
What the ISPs could do for this is to filter outbound traffic such that if the src IP is not on their network (i.e., is spoofed) the packet is dropped.
Re: (Score:3, Insightful)
I cannot think of one legitimate case where spoofed IPs is legitimate.
Re: (Score:2)
I _think_ the reason for "shaping" is to fsck up VoIP. Since the telcos want you to pay THEM for this service and not use something like Skype or someone else then if they can "shape" then they can delay certain packets and that screws up the competition. They like to get this into place before people understand how the technology really works and what they are up to. Eventually these dirty tricks may get changed or eliminated but in the mean time they make profit.
Re: (Score:2)
This is a shell script BTW. extracting the list of bots can be done by scanning the appropriate logs.
You can do the same via PF's built in features. Search the FAQ/man pages for the stateful tracking options. It's got several options to restrict/limit the connections per address and lets you start dumping offending addresses into a table automatically.
Re: (Score:2)
Re: (Score:2)
You block at the port level or the packet level. Then you block the machine doing the spewing. It would be nice however if when you do this you actually call the owner and solicit their cooperation. But you still block it per terms of service which you write into the contract.
Then we can't get most forms of attack because they are blocked at source.
Re:blame China (Score:5, Insightful)
ok let's blame China now for this.
Let's not. See what offends me about this whole thing is that it's so obivious. If they'd just targeted America, it could have been anyone. But 'whoever' it was had to go and hit South Korea too, at the same time. Who hates both the US and South Korea?
By the way, don't say "Chinese Plot", they have nothing to gain from upping tensions at this point. They've been trying to bring the North Koreans into negotiations and they too have issued denounciations against NK by this point. Iran's official line is that the UK is mostly responsible for their problems, they have little to gain from doing something to the Americans and the Russians were just recently in negotiations with Obama that appear to have gone well.
Re:blame China (Score:5, Insightful)
What always bugs me with these "cyberwar" news is that people try to put one country as responsible for them, and its always China or Russia or one of the other "bad guys". Like parent post said, their goverments have no reason to do something like DDOS attacks against US. Who's to say its not just some individual who either is pissed at US/South Korea or has such political views, or does so for whatever reason? Stop blaming countries as a whole if you dont know it.
Re:blame China (Score:4, Insightful)
What always bugs me with these "cyberwar" news is that people try to put one country as responsible for them, and its always China or Russia or one of the other "bad guys". Like parent post said, their goverments have no reason to do something like DDOS attacks against US. Who's to say its not just some individual who either is pissed at US/South Korea or has such political views, or does so for whatever reason? Stop blaming countries as a whole if you dont know it.
But there's two things that are important here..
1. An individual would have to be VERY motivated to attack two countries at once. Especially if those countries are the US and South Korea. The only thing that makes them unique is that they're at war with North Korea. We also know for a fact that the North Korean citizen does not have internet access from reporters inside the country, in fact posessing a device that can access the outside is punishable by death there so it can't have been a NK citizen acting alone. Assuming it was just one citizen from another country they would have to be very dedicated to perform what is basically a military strike against a foreign power. Prepared to risk death to frame North Korea; that would be a very unique combination and it makes little sense.
2. North Korea has recently been upping it's cyberwar capability enough for it to show up in overseas media. They only recently sent teams to participate in international hacking challanges and appear to have done well in them. One of the main reasons I instantly suspected NK is because of this.
So my personal suspicion is based on the fact that they've recently been working hard to build up their capability in this field despite having no internet connectivity for the average citizen and then all of a sudden a cyber strike hits North Korea's enemies at the same time they're conducting missile tests in contravention of UN sanctions.
Re: (Score:3, Interesting)
An individual would have to be VERY motivated to attack two countries at once.
The point of a botnet is they don't have to be very motivated at all. Just bored. Having a list of IP numbers or URLs that includes 2 countries is *not* difficult.
Re: (Score:3, Interesting)
The point of a botnet is they don't have to be very motivated at all. Just bored. Having a list of IP numbers or URLs that includes 2 countries is *not* difficult.
I mean there's a high probability (50%+) that they will spend the rest of their lives inside a prison. Targeting a foreign country's military infastructure is no small thing and their home country is unlikely to go to defend them from something like this. If they're smart enough to pull this off no doubt this would have occured to them as well. Remember the guy that infiltrated NASA got something like 20+ years and that wasn't even military critical, neither did he do damage.
Re:blame China (Score:4, Insightful)
And lets get some perceptive here. A few website went down for less than a day. Hardly an attack that anyone should care about. And not national security or military level either.
Really a DDOS attack like this, *is* a small thing.
Re: (Score:2, Interesting)
You think for one second that a bored hacker even thinks that far ahead? And lets get some perceptive here. A few website went down for less than a day. Hardly an attack that anyone should care about. And not national security or military level either. Really a DDOS attack like this, *is* a small thing.
I'm not disagreeing, it's entirely possible. I merely think it's unlikely. The scale of the attack does appear small, but the NASA example I used was nothing to care about, intent to attack matters.
Re: (Score:2)
I'm not disagreeing, it's entirely possible. I merely think it's unlikely. The scale of the attack does appear small, but the NASA example I used was nothing to care about, intent to attack matters.
The NASA attack you speak of was also breach of systems. This is a trivial DDOS on a few Web servers. While annoying, it's not the end of the world.
Re: (Score:2)
The thing I don't really get is how 50,000 computers can shut down your site.
I can't imagine the FTC is only hosted by one or two servers. Of course the important number was not mentioned which is how much bandwidth was being put into the DDoS. That would determine if it's just bad website administration not surviving something that all of us experience from time to time. Of course the other matter is why you would attack a public-facing site for the FTC or department of transportation. This isn't going to
Re: (Score:2)
Re: (Score:2)
Re: (Score:3, Informative)
purple monkey dishwasher
Re: (Score:2)
Re: (Score:2)
While the US and South Korea have been at war with North Korea in the past, and quite possibly the near future, it's not correct to say we are presently at war with them. Perhaps you meant "they were" instead of "they're" - the contraction for "they are"?
For one thing the war never officially ended. America didn't sign anything and South Korea signed a cease fire. North Korea recently stated that the cease fire is no longer valid. Therefore, according to them, North Korea is at war with America and South Korea. Although that doesn't stop them from talking about Imperialist provocation.
Re: (Score:2)
IP addresses used in attacks are usually Chinese or Russian. Furthermore, the malware found on hacked machines often uses Chinese or Russian characters.
It's a pretty good bet that the hackers themselves reside in those countries. We can't conclude that they are hacking at the request of their governments, but it wouldn't be surprising; those governments aren't doing much to stop the hacking (which would be easy to do using national firewalls).
Re: (Score:2)
Its not fricken national emergency. Its just a botnet attack. Seriously what are the effects? Some website wasn't available all day? Sounds like just another day on the internet...
Re: (Score:2)
Let's not. See what offends me about this whole thing is that it's so obivious. If they'd just targeted America, it could have been anyone. But 'whoever' it was had to go and hit South Korea too, at the same time. Who hates both the US and South Korea?
It could be the Martians.
Re: (Score:2)
Well said. And might i add that we in the past used to blame Canada for all that's wrong. With their beady little eyes and flapping heads so full of lies.
Who hates both the US and South Korea? (Score:2)
Japan.
Granted, Japan from 60-70 years ago but still...
How would USA feel about someone dropping not one, but two nukes on them AND robbing them of say... Texas (Korea)?
Re:blame China (Score:4, Funny)
Who hates both the US and South Korea?
Democrats
Re: (Score:2)
Re: (Score:2)
china gains by stressing it's enemies. assuming they consider the US an enemy, raising tensiosn with n. korea destabilizes the US because it's already up to it's neck in afghanistan and iraq. i'm not accusing china, jut making an observation.
Yes, true. But it doesn't seem worth it. In this case China doesn't actually gain anything, it doensn't do enough damage or strain things to the point where America unbalances. However there is massive potential for backlash. Also, China seems unlikely to frame it's own ally; they would pick someone else to take the fall.
Re: (Score:2)
Re: (Score:2)
it's well known that the US would be in big trouble if it was forced to fight two major conflicts ... i.e., if we engaged n. korea. so yes, forcing the US into that could very well unbalance it. anything that raises tensions between the US and n. korea furthers that end. if china considers n. korea an ally (do they?), it's only because of proximity and because "the enemy of my enemy is my friend". i seriously doubt that would stop them from using n. korea to further their goals. as for why n. korea ... 1) they are technologically backwards and probably aren't up to disproving the claim and 2) they are one of a few nations that we could believe would make such an attack.
They're all good points. But in the last Korean war, the American forces faced off against the Korean and Chinese armies and utterly slaughtered them. Despite being vastly outnumbered the American force sustained some obscenely small amount of casualties and proceeded from one end of the country to the other in record time. During the intervening period, the Americans have become far more advanced and the Koreans wouldn't have the Chinese backing them.
The stuff I've read suggests that an attack by the NK ar
Re: (Score:2)
dont be naive. Why would China try to bring NK to the table? They have nothing to gain from that! Of course they pretended, seeing how far the US goes. The NK pressure clearly causes headaches for US, ergo its good for China.
The Chinese fund something like 9/10th of NK's fuel and 8/10th of their consumer goods, they basically keep the country running and the word I've heard is because they want to both bolster communism in the world and because it buffers the incredibly rich incredibly capitalist South Korea from their borders. If the Americans finally snap and burn North Korea to the ground the Chinese are unlikely to go to bat for them, it's not worth it, the Americans owe them money and being seen to start wars is bad for bu
Re:blame China (Score:4, Informative)
Re: (Score:2)
Re: (Score:3, Funny)
No, it's the PFUWU-ML (People's Front of Unpatched Windows Users - Microsoft Legacy).
Re: (Score:2)
It was a communication problem between the botnet control servers. They just didn't get the update.
Re: (Score:2)
Which on the face of it is rediculous, since the entire nation has less bandwidth than a single hardcore gamer in South Korea. [wikipedia.org]
Re: (Score:2)
Re:blame China (Score:5, Interesting)
I've heard this theory before and my first thought was: "Do they even have internet in North Korea?"
Well, do they?
Re: (Score:2)
Re: (Score:2)
Wow that reads like Ghost in the Shell backstory.
Re: (Score:3, Insightful)
The best defense is always a good offense. Why not launch an attack on North Korea? We have far more advanced technology and could probably cause more damage to them than they could cause to us. If we are crippling their systems, they won't be able to attack ours. I would love to see our government take off the gloves in the cyber world for a change rather than always invading everyone.
Since they started it, it would only be fair. However, there would definitely be some line about imperialist agression. Still, there's almost no chance they would escalate it to physical conflict. A shot above the bows would be nice for once. It might save us from having to drop the hammer when they finally go too far.
However, do they have enough internet connected infastructure to be worth hitting?
Re: (Score:2)
Do we really need government involvement? It seems to me that a few script kiddies with an attitude and a small botnet could return North Korea to its usual, Stone Age situation.
News that it was six tweens and a pet gerbil who brought North Korea to its metaphorical knees might make them think twice against pulling this kind of crap in the future.
Re:Counter attack (Score:5, Insightful)
The reason the U.S. wouldn't attack North Korea in a cyber war is the same reason we wouldn't attack Iran. The internet is a far more powerful tool when it is use to sway opinion than it is to cripple systems.
Re:Counter attack (Score:4, Insightful)
Other than Lil Kim's xbox, how much is there to attack?
Seriously, NK is dirt poor and supremely paranoid. It's not like their economy depends on the internet in any way.
And if you attack their military computers then you quickly escalate things to a very dangerous level.
No reason to attack (Score:2)
Any /. user could personally swamp North Korea's 56k leased line and their rack full of diesel-powered Pentium II boxes. For the US or China, it's not worth the trouble.
Re: (Score:2)
You can't really win that war.
If you want to wage a "real" war for a "virtual" one, you can't win. Hell, NC is so beaten up, any bomb you drop there would only increase land value due to the increase of resources, whatever you might want to bomb is worth less than the bomb you drop on it.
And staying in virtual land... now, what virtual targets of NC do exist, anyway?
Re: (Score:2)
Could I just hate you for being a bully?
Re: (Score:2)
To stay in the schoolyard equivalent, I told you you're a jerk, you beat me into a messy pulp. Sure, I could rat you out to the principal, called UN, but knowing him he'd not even waggle his finger at you 'cause he's afraid you might get angry at him in turn and refuse to pay your tuition money, which you only pay when you feel like anyway.
Re:Counter attack (Score:5, Funny)
Do you seriously think that North Korea has any significant systems exposed on public networks?
You could probably deface their Wikipedia entry, though. Go hog wild.
Re: (Score:2)
That's BS.
The best defense is invisibility to the possible attacker.
>We have far more advanced technology...
*COUGH*
Did you notice, you are being pounded by your own technology?
Like in BSG, the least 'advanced' battleship survived the first attack.
Re: (Score:2)
Re: (Score:2)
Actually, while I agree that it isn't a national emergency and that these attacks weren't critical, I wouldn't merely call it a "middling DoS attack"... I'd call it TRAINING. DPRK has already made it clear they are willing to export nuclear technology, so how hard would it be to develop an expertise in cyber-warfare which they could then export to countries with much more c
Re: (Score:2)
Re: (Score:2)
Of course we could just blame Michael Jackon's funeral for the internet meltdown.
Re: (Score:2)
Of course we could just blame Michael Jackon's funeral for the internet meltdown.
Nah! There's no blame because you're more likely right then wrong. All the damn fools wanting to get to the funeral at Stapples Center from around the world.
Re: (Score:2, Troll)
Attention mods: "Troll" does NOT mean "I disagree with this post." Even though I personall disagree with the parent, it is NOT a troll and should be modded to at least where it was before some asshat modded it down.
This (my) comment is offtopic and should be modded as such. God, I miss meaningful metamoderation, there used to be far less of this crap.
Re: (Score:2)
Re: (Score:2)
Could always do what Russia does they recruit and help train them and supply them, but never officially support them however they pretty much sick them on people to have their way example with with Georgia.
That carries the same problems; people find out and the fallout comes back home sooner or later.
Re:Intensifying the conflict much? (Score:5, Interesting)
You're right. The real enemy here is Microsoft! If we stopped Windows, we would stop the attacks. I think we should send the military to liberate Redmond.
Re: (Score:2, Insightful)
"Cyberwar" is a minor inconvenience, unless they DoS GPS and Satellite communications.
It's propaganda, PsyOp distraction from things that matter. If a bunch of government shovelware is unavailable for a few hours, really the folks who benefit are you and me. And the folks who thrive on theses "scares" by setting "Threat Levels".
You want to know what you should REALLY be worried about? Stuff like this:
http://colonelsabow.com/home.html [colonelsabow.com]
Re: (Score:2)
I don't think anyone should be attacked for being a suspect, it doesn't seem fair.
Why not. It worked when we "suspected" Iraq of having WMDs?
Re: (Score:2)
The petrol in my garage is for my mower and my motorcycle. If someone uses it for another use by breaking into my garage and stealing it, that's their problem.
Yes, you can report it stolen, but don't expect an insurance payout.
Re: (Score:3, Interesting)
So, normally I would agree with you hands down, however, I think the issue is that many people are unaware that their computers are being used for malicious purposes.
Case in point: recently I visited a friend of mine to take a look at his computer. He was complaining it was running slow. A quick check showed multiple viruses on his machine. I asked him how long it had been that way, and his response was, "a few months".
The thing is, by far and large a significant portion of the population is more than li
Re: (Score:3, Insightful)
Yes you can say the car was stolen. There are parts of the country that don't lock their doors and leave keys in there ignition. Thats a good thing, it says people are relatively honest in those parts. Should you suddenly be an accomplis a theft if someone steals your car. I think not unless you hand them the key and say steal it. And no leaving your keys in the ignition is Not handing to them, its showing some amount of trust. That justification is a spin done by theives to justify their actions. Well they
Re: (Score:2)
I use the phrase 'hijacked' loosely. If a person leaves the car running, the keys in the ignition and the windows down (pun intended), can they say that their car was 'stolen'?
It would be more like the car never came with doors and the keys are permanently attached to the ignition. Doors, locks and better keys have to be installed separately by the user.
Re: (Score:2)
Are you proposing a few dropped anchors accross international cables?
Re: (Score:2)
You plan to drop anchors on cables that cross from North Korea into China?
Re: (Score:2)
I was asking a question but "yes" to your question of my question.
Map of underwater cables
http://www.nrc.nl/multimedia/archive/00170/270808ECO_glasvezel_170984a.jpg [www.nrc.nl]
I see a red squiggle going from NK to China (and a few of them going directly from China to the US)
Brilliant insight - yet used wrong... (Score:2)
What on Earth gave you the idea that it was North Korea that did it?
As you have so insightfully put it "How much connectivity does NK have?".
Japan on the other hand has a lot more connectivity, and a huge bone to pick with both US and SC.
Or how about China? India? Germany? Vatican?
Even if the botnet CAME from a particular country, with each attack being accompanied by spamming of the mailboxes around the world with the .mp3s of the national anthem of the particular country - that is still NOT EVIDENCE that
Re: (Score:3, Informative)
> As you have so insightfully put it "How much connectivity does NK have?"
That's irrelevant. The bots are not in North Korea and the goverment behind the attack could communicate with the controllers (who could be anywhwere) via short-wave radio. The attacker may not even have created the botnet: they may have purchased it on the open market.
I agree that there is no direct evidence of North Korean involvement, though.
About exactly as irrelevant as... (Score:2)
...a WILD GUESS that Korea had anything to do with it.Possibility or even opportunity can not be considered proof.
Heck! It could have been Michael Jackson. In his sleep. Maybe he died from shock when he found out what he (his other self, that is) did?
It IS possible!
Re: (Score:2)