The US government has yet to even acknowledge that there was a denial of service attack on government websites as well as private entities such as the New York Stock Exchange and The Washington Post. South Korean delegates are the only persons effected by the attacks to openly accuse North Korea of the denial of service attacks, and that was off the record.
Representative Peter Hoekstra told the Washington Times last week that, “all fingers point to North Korea,” and said “Whether it is a counterattack on cyber, whether it is more international sanctions…it is time for America and South Korea, Japan and others to stand up to North Korea.”
There is no proof that North Korea was behind the attacks though timing and motive are pointed toward North Korea. The attack comes after months of little US response to the launch of North Korean nuclear weapons in May and June and very close to the anniversary of the death of Kim Il Song, a point made by Rodger Baker, the director of East Asia analysis at Stratfor. Yet even if North Korea was behind the July 4th attacks, it is very hard to decipher whether the DDoS attacks were instigated by an rogue organization, teenage hackers, government sponsorship or even just one individual.
“The odds are extremely slim that we will find out who did it, but a lucky break could happen,” according to SANS internet storm center director Marc Sachs.
It is still unclear what the cyber capacity of the of the impoverish country really is, although reports of a North Korean “hacking academy”, according to Core Security Technologies’ Tom Kellermann. The cyber attacks are not considered massive assaults and the culprit/culprits used outdated technologies, similar to the My Doom viruses of 2004.
The cyber attack aftermath is out of character for North Korea as well, usually when North Korea attempts to defy the US or the United Nations it makes it loud and clear. Nuclear weapons are used as propaganda tool to maintain Kim Jong Il’s power. A cyber attack would not boost Kim Jong Il’s citizen approval, a nation with little to no internet access.
Yet the Korean Communications Commission has accused a British-based computer company Brighton of involvement in the cyber attacks two weeks ago.”The [British] server appears to have controlled compromised handler servers,” said KCC network protections leader Park Cheol-Soon. He added, “However, it needs more investigation to confirm whether this server was the final attacker server or not.”
The Korean Government hired Vietnamese cyber firm Bach Khoa Internetwork Security (BKIS) to carry out an investigation of the attacks. The Vietnamese company traced back proxy servers to the British internet television company Global Digital Broadcast. It has yet to be determined whether the British computers were part of the plot or whether they were simply manipulated by a master computer.
In a statement released Tuesday, GDB responded to the July 4th attack accusations on its website. “Global Digital Broadcast, while operating a worldwide IPTV platform, treats security breaches with the highest regard. After identifying the VPN circuit that originates at Digital Latin America in Miami, the relevant information was passed to SOCA. The GDBTV network was not breached.”