A number of South Korean government Web sites were inaccessible on Wednesday, apparently taken offline by a large cyber-attack that had earlier hit U.S. government sites.
The Web site for South Korea’s president, the Blue House, and those for the National Assembly and Ministry of National Defense were all offline at Wednesday lunchtime. Also inaccessible was the home page of the Grand National Party and the Chosun Ilbo national newspaper
The Korea Internet Security Center’s security index was set at “substantial,” which is the middle of its five levels and signifies regional Internet security problems and advises all Internet users to take urgent security measures.
Local press reports said around 25 sites had been hit since late Tuesday including those of major banks including Shinhan Bank and Korea Exchange Bank and major portal Naver. All three appeared to be operating normally at Wednesday lunchtime but a prompt on the page of Shinhan Bank referenced a distributed denial of service (DDOS) attack and advised users to download security software.
On Tuesday security researchers in the U.S. said a botnet comprising of about 50,000 compromised PCs was responsible for a cyber-attack that had hit U.S. sites including the Federal Trade Commission, Department of Transportation, Department of the Treasury and other sites.
Over the weekend the attack was generating 20 to 40 gigabytes of bandwidth per second, according to one researcher, although had slowed to about 1.2 gigabytes per second on Tuesday.
Most of the infected machines that make up the botnet appear to be located in South Korea although that doesn’t necessarily mean the perpetrators are located in that country. South Korea has heavy Internet penetration and almost all users are hooked up to high-speed always-on connections. Such conditions are ripe for exploitation by hackers looking to build a botnet.