[Infowarrior] - Hoekstra Wants ‘Show of Force’ Against North Korea for Website Attacks
Richard Forno
rforno at infowarrior.org
Sat Jul 11 18:34:50 UTC 2009
The blind leading the blind and preaching to the blind about what to
do. Typical Congresscritter. But then again, it's Hoekstra!! -rf
Threat Level Privacy, Crime and Security Online
Lawmaker Wants ‘Show of Force’ Against North Korea for Website Attacks
• By Kim Zetter
• July 10, 2009 |
• 1:45 pm |
• Categories: Cybersecurity
http://www.wired.com/threatlevel/2009/07/show-of-force/
A key Republican lawmaker on Thursday urged President Obama to launch
a cyber attack against North Korea, or increase international
sanctions against the communist country, in the wake of an unknown
hacker’s denial-of-service attacks on U.S. and South Korean websites.
Rep. Peter Hoekstra (R-Michigan), the lead Republican on the House
Intelligence Committee, said the U.S. should conduct a “show of force
or strength” against North Korea for a supposed role in a round of
attacks that hit numerous government and commercial websites this week.
Hoekstra, speaking on the conservative America’s Morning News radio
show, produced by the Washington Times newspaper, said that “some of
the best people in America” had been investigating the attacks and
concluded that most likely “all the fingers” point to North Korea as
the culprit.
They’re reaching the conclusion that this was a state act and that
“this couldn’t be some amateurs,” claimed Hoekstra, in direct
opposition to what security experts have actually been saying.
He added that North Korea needed to be “sent a strong message.”
“Whether it is a counterattack on cyber, whether it is, you know, more
international sanctions . . . but it is time for America and South
Korea, Japan and others to stand up to North Korea or the next
time . . . they will go in and shut down a banking system or they will
manipulate financial data or they will manipulate the electrical grid,
either here or in South Korea,” Hoekstra said. “Or they will try to,
and they may miscalculate, and people could be killed.”
An ABC News commentator also called for an aggressive response.
Michael Malone, who bills himself as “one of the nation’s best-known
technology writers,” wrote in his Friday column that thousands could
die in future internet attacks. One of his imagined scenarios is an
eerie echo of the claim — heard prior to the first U.S. war with Iraq
— that Saddam Hussein was killing babies in incubators.
“When do we get out of our defensive crouch and actively go after
governments that are attacking us through cyberspace?” Malone wrote.
“Will it be after a web Pearl Harbor catches us by surprise and
crashes our financial markets — or kills thousands of people trapped
in computer-controlled transportation systems run amok, or in a
darkened city trapped in a blizzard or heat wave, or babies in
microprocessor controlled incubators? And long before then, why can’t
we respond to such an attack by a foreign government not with bombs or
missiles, but by crashing that country’s digital infrastructure?”
The series of denial-of-service attacks began over the July 4 holiday
weekend and struck more than three dozen prominent web sites in the
U.S. and South Korea. The unsophisticated attacks, which are believed
to have originated from more than 50,000 computers infected by the 5-
year-old MyDoom worm, targeted five U.S. government sites on the first
day but expanded to U.S. commercial and media sites on following days
and struck South Korean government and financial websites on Tuesday
and Thursday.
Sites hit by the attacks include ones for the White House, the U.S.
Department of Homeland Security, Secret Service, National Security
Agency, Federal Trade Commission, Department of Defense and the State
Department, as well as sites for the New York Stock Exchange, Nasdaq,
Amazon and Yahoo.
On Tuesday, several sites in South Korea, including sites for the
Ministry of Defense and the presidential Blue House, were also
targeted, followed by more South Korean sites on Thursday.
Most of the U.S. sites shrugged off the attack and suffered no
downtime, although a couple of government sites experienced trouble
for more than a day as they struggled to update their systems and take
measures against the attacks.
The Associated Press was the first to publish a story prominently
quoting anonymous South Korean intelligence officials blaming the
attacks on North Korea, even though such attacks are generally very
difficult if not impossible to trace. A follow-up AP story indicated
that officials had no proof to back their provocative claim.
Denial of service attacks, which involve overwhelming a website with
hundreds of thousands of lookup requests — generally launched from
botnet machines controlled by a hacker — are one of the least
sophisticated kinds of attacks a hacker can conduct.
Security professionals in the U.S. indicated this week that the author
of the attacks borrowed old code written by previous malware writers
to conduct the attacks and made no attempt to hide his code from being
detected by anti-virus programs. They told Threat Level that the
nature of the showy attacks appeared to indicate that the hacker
simply wanted attention. They found no evidence so far to support
claims that North Korea — or any other state-backed entity — was
behind the attacks.
The botnet machines used in the attacks — most of which are in China,
South Korea and Japan, according to researchers — were likely infected
after their owners clicked on an e-mail attachment containing the
MyDoom worm. The malware, once launched on an infected machine, allows
the hacker to remotely control the computer and contains instructions
to conduct the attacks. Researchers have also recently discovered that
the code contains instructions to erase parts of the computer owner’s
hard drive on Friday, preventing the user from re-booting their
machine, according to the Washington Post’s Brian Krebs. The Post
reports that some machines used in the website attacks have already
begun to self-destruct.
More information about the Infowarrior
mailing list