select languages
latestnewslatestnews RSS
Home > National > Society
Police seek global alliance in DDoS attack probe
By Kim Eun-jung
SEOUL, March 7 (Yonhap) -- South Korean police have contacted 35 countries to ask for cooperation in tracing the origin of a massive cyber attack on the Web sites of key government and financial institutions last week, officials said Monday, amid a nationwide cyber security alert issued against further threats.

   The Web sites of about 30 key South Korean government agencies and financial institutions came under a so-called distributed denial-of-service (DDoS) attack for two days from Friday, with about 50,000 "zombie" computers infected with a virus seeking simultaneous access to selected sites and swamping them with traffic.

   "As of Monday at noon, we have discovered 98 overseas servers that were used to carry out the DDoS attack," an official at the National Police Agency (NPA)'s Cyber Terror Response Center said. "The number could rise even more. First, we have sent official requests to law enforcement agencies of 35 nations, where the servers are located, to copy the servers' hard disks."

   As soon as the copies of overseas servers are obtained, the cyber investigation unit will analyze the data to track down the origin of the attacks made from countries, including the United States, Russia, Italy and Israel, the NPA noted.

   As of Monday, a total of seven file-to-file sharing sites were used to spread malware, which was then planted in 49,888 zombie computers to carry out DDoS attacks.

   The latest string of DDoS attacks, caused by malicious codes that turn personal computers into zombie PCs, bears resemblance to the cyber attack that targeted local Web sites in July 2009. At that time, authorities found 442 servers in 51 countries ordering the DDoS attack.

   In July last year, on the anniversary of the first incident, a number of Web sites suffered similar DDoS attacks because some PCs had not been fixed.\